last executing test programs:

5m1.752412444s ago: executing program 1 (id=241):
syz_mount_image$reiserfs(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x1000098, &(0x7f00000002c0), 0xfe, 0x10f4, &(0x7f00000022c0)="$eJzs2LGK1FAUBuD/JqNgNXK3DwtaKMjiMr7AFgrTWFjbDVZ2TqXM4/g4spX9sg+wxYK9ksToCoIsGxwYvg9Ccn9ycnLLcwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC9RXI/yVGT1ClrkpSk687Xl0m6KX/4pW1S8ubdevvyw+rVdnwtfdak9FXDup4+qnVVV/W0vjg6e1y3Hz+9b2+0LOlycb3bPHh9NetW+t7trF8EAACAw/D9zpZ77g8AAAD8y2wHCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzqNNDk6QkXXe+vkzS7fe3AAAAgDsqafJ2+bd8PAb47Vm+LsuQT74Ni+f5PNY/vX33e7cvAQAAgANVbszjT7L4NZf32XEWOTkZ1z9vuTpL2mEy/9PF9W4zXMe7TfmfGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH6wA8cCAAAAAML8rdPo2AAAAAAAAAAAAAAAgKkCAAD//4CP0SQ=")
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f00000000c0)='./file1\x00', 0x8000008)
openat(0xffffffffffffff9c, &(0x7f0000000f40)='./file2\x00', 0x2440, 0x24)

5m0.563069365s ago: executing program 1 (id=248):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'ipvlan1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}]}, 0x4c}}, 0x0)

5m0.230066731s ago: executing program 1 (id=251):
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a000}], 0x1, 0x0, 0x0, 0x804c040}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x2, 0xfffff010}, {0x20, 0x0, 0x20, 0xfffff034}, {0x6}]}, 0x10)
sendmmsg(r0, &(0x7f0000000180), 0x4000190, 0x0)

4m59.896003717s ago: executing program 1 (id=254):
syz_mount_image$hfsplus(&(0x7f00000001c0), &(0x7f0000000400)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f00000002c0)={[{@creator={'creator', 0x3d, "1c4cdc1a"}}, {@type={'type', 0x3d, "e833026f"}}, {@gid}, {@uid}, {}, {@part={'part', 0x3d, 0x2}}, {@creator={'creator', 0x3d, "338be97f"}}, {}, {@part={'part', 0x3d, 0x7}}, {@nobarrier}]}, 0x20, 0x6fe, &(0x7f0000000480)="$eJzs3U9oXHkdAPDvm5lMMl3IztZ2t4rQsMWiW22TDIsVBKuI5LBowcteY5tuQydpSbKSFrGz6qo3PUkPe1iReNiTeBBWPIj1JgiC994LHrwVD468N+9NZvJ3Js0ksfv5wJv3e+/9/nx/33nz5k9aXgCfWHNvx1grkpi79NZ6uv1ko9F8stFYKsoRMR4RpYhKZxXJckTyOOJadJb4dLoz7y7ZbZw3n378wcVHHzU6W5V8yeqX9mq3qb3HCK18iamIKOfrIVV26+/GDv09HKrrpBt3mrALReLguLW3aQ3TfIDXLXDSPYwoj+2wvx5xKiIm8s8BkV8dSkcc3qEb6ioHAAAAJ1N5vwovP4tnsR6TRxMOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvBiSzj0Dk3wpFeWpSPL7/38nr5apVo833H18cZ/j7986okAAAAAAAAAA4PCNbRbPP4tnsR6TxXY7yf7m/3q2cSZ7fCnejdVYiJW4HOsxH2uxFisxEzE22dNndX1+bW1lZnvLX0Xast1uP8xbzkZEfVvL2RHPGQAAAAAAAABebD+KuZg87iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBXElHurLLlTFGuR6kSERMRUU3rtSL+VJRPgvoB2/35kOMAAACAE6iWryeT/3YK7ST7zv9q9r1/It6N5ViLxViLZizEzey3gM63/tI/Wo3mk43GUrps7/jr/8p6aw8YR9ZjRJTjvV1Gns5qnO22mItvxXfjUkzF9ViJxfh+zMdaLMRU1NJJxHwkUa91fr2oF3H2x1vOu7rWF8r1rbGd37J9LoukFrdiMYvtctyoFr2VshpJnOsZ7Q/ViC0Zei/NTvK13IA5utnzfP0y/10m1355wD5Go57NfKybkek093k2Xtk594XOeXLgkWai1P0N6szmKOnm1pGKnH9vmJyfytdprn/an/PDNuRPaVszMRul/OyLeLU/5/c+9+h0f+Mv/PMv12+Xlu/cvrV6aYRTOiSVHfeOFYWtmWj0ZOK1vc++PBPNNBOtwTMxtnXHxMBzGalqno3OhW2wq+U3s9J8vN5zCt5dTh+/HNMxE1djOr4Ss9HoO8PO9uW10ljqz0n2Wittv77V9gj+wud7Kv1sn8qjsPt4aV5e6clr75Wunh3L91z7RUz3ZOn03mffQd4FKp/JC+kYP+6+45wEfZnIr81FdMUb1C6Z+HX2OWG1uXxn5fb8vQHHu5iv05ft+/3X5t8892SeS3q+nO5euLKc1IrzJT32qW60/fmq5n9x6bQrbTt2tnusHpOxGN+Ou3EzFnZ4pVbzz3Dbe+oce23HY43s2LmeY32fcuJuNLNPIVtMHU1WARjYqTdOVWtPa3+vfVj7Se127a2Jb4xfHf9sNcb+Wvlj+Xel35a+mrwRH8YPY/K4IwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBfB6v0Hd+abzYWVERaqBxwrSvvW2XhpsA6jHrH3WEleqI46G0MXfp7fr/Dwev73xJ7ZqMWIpvP7vWdRfe4hkkhaI35S0mfiUDosbpyW7WmX9231tysRnT2VaLfbD7uHtj6VlVid2O0ZHN+sHPU7883/tPvq1KLnJQO84K6sLd27snr/wZcWl+bfWXhnYXn2anF73FuLzYXpK9njMQcJjMTq/Qfl444BAAAAAAAAAAAAGE7+r//XVkppIRn+f+lU9qlTXVndeeTzRz1VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/U3Nsx1ookZqYvT6fbTzYazXQpyps1KxFRiojkBxHJ44hr0Vmi3tNdsts4bz79+IOLjz5qbPZVKeqX9mo3mFa+xFRElPP1/sZ36GZ7fzd6+msdKLykO8M0YReKxMFx+18AAAD//yBC8a4=")
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r0, &(0x7f0000004180)={0x2020}, 0x2020)

4m59.553917751s ago: executing program 1 (id=258):
socket$inet_sctp(0x2, 0x1, 0x84)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='numa_maps\x00')
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd/4\x00')

4m59.13197809s ago: executing program 1 (id=262):
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x10000, &(0x7f0000000640), 0x1, 0x5c5, &(0x7f0000001a00)="$eJzs3VuIXHcdB/Dfmd1Jc9mai63aGpvVUFso3dlsNiERHyzxUmtSK4oPoRCW7HQ3ZHZnzW6gOxVM8UUURPBFBKFiH6yIBvJSKbV9aPFFQakXKhoDKohQtFIQQZ3yn8t22pw0pXs5JOfzgTP7P/9zZv7/2eE755w5twBKazQ9ZBEjEXEhIrZ3R18/w2j3T2v/+dk0ZNFuf/YfWWe+6f3nZ/uz9p+3LT0MR2yOiF1HsthbvbzdxeXW6alGo36mN15bmluoLS637j41NzVTn6nPHzg0eXji4OShybV7r+O/2HrzX2+//9Ljz/37v9/53cEfpf6O9KYNvo+1Mhqjvf9JNXYO1A9nEfetdWMFGep+1HH7QF02XGCHeMva7V0/TJ/fOyNibyf/22Mouh/ei089+K/t8Zt7i+4jsH7affmTX24Pqg4+AbjWVTrrwFllLCK65UplbKy7Dn9TbK00motLdz3UPDs/3V1X3hHVykOnGvXx3rbCjqhmaXxfp/za+MQbxvdHdNaBvzK0pTM+drLZmN7oLzugYyTi4oUvnNy07Q35/9tQN//A9Svl/9fPP/lMKr8yVHRvgI2U8v+DV+Y+FfIPpSP/UF7yD+Ul/1Be8g/lJf9QXvIP5SX/UF7yD+Ul/1Be/fw/cOxYPHDsWLvVO/99vjlz6vTswuGJ8bG5syfHTjbPLIzNNJsznTN25q7+uo1mc2HfRJx9uLZUX1yqLS63Tsw1z84vneic13+innMpAKAAxy9tvm/nnmdfzCLi3Ie2dIZkU2+6rML1rd3OnNIPJWXTH8rLpdqgvGzjA9lVpm++0oTG2vcF2BiVojsAFOaOW+z/g7Ly+z+Ul9//obze7jp+FnFujbsCFMTv/1A+fv+H8hq5wv2/bhy4d9d4RLwjIn4+VL2hf68v4Jryuk39kYiLF7/3+drKfbgVFBQUVgrFfVEBG+O10BfdE6Ao0/vPz/aHjWrz6ZmNagnI89I93YOAUu5bvaE7ZXhl30B1nY4T2nlbevzJHx+7c3YoDdH7HlqHpoAc5x6NiPfkLf+zzr6BHb35dnVni5si4uaIeFdEvHuVbX/rMxGj8Xx9sE7+YeO81fzfEhFpcX1rRLw3InZHxPtW2favLqT8/3bLYJ38Qzl88bmiewAU5ZNPFt0DoCjHHWMApfX9R4ruAVCUp35cdA+Aonz9haJ7AOX27D0RMZ63/6/S2d/fV+1dF/CG3rUAtkTE1ojY1juH8MbeOYLbB/YZXs2JT0eMxm0/Hayz/w82Tv/4v9Zlx/9VVo7/G4qIPato4+kPj3wtr35qd8r/44/0j/9LQ2q/fywgsL5eejTi1tz8ZyvH/GaRchrx/rfZxuiXLj2RV//C/el1q7+UfyhG+7sRH4z8/PelUm1pbqG2uNy6u3Mf75n6/IFDk4cnDk4emqx1LhFS618oJMfRf758V179HyZS/r99QP6hGGn5v/UK+R9c///AKto48s2vHs+rH/lzyv/uZ948/5W/b8o+1xnv35fg4amlpTP7IjZlRy+vn1hFR+E6189IP0Mp/3fuzd/+39V7Tlr+H4mIj6b1hYj4X0T8PyI+FhEfj4hPRMS9b9LmN+6YuZRX/6cnUv4fO235D8VI+Z++yvI//f3PKtrYHD/7cl79R/ak/I/9/i9HHxxOg/wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArL3F5dbpqUajfmYdC0W/RwAAAAAAACiLVwMAAP//Oacv4Q==")
stat(0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
lgetxattr(&(0x7f0000000d00)='./file0\x00', &(0x7f0000000d40)=@known='system.posix_acl_access\x00', 0x0, 0x0)

4m58.578937613s ago: executing program 32 (id=262):
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x10000, &(0x7f0000000640), 0x1, 0x5c5, &(0x7f0000001a00)="$eJzs3VuIXHcdB/Dfmd1Jc9mai63aGpvVUFso3dlsNiERHyzxUmtSK4oPoRCW7HQ3ZHZnzW6gOxVM8UUURPBFBKFiH6yIBvJSKbV9aPFFQakXKhoDKohQtFIQQZ3yn8t22pw0pXs5JOfzgTP7P/9zZv7/2eE755w5twBKazQ9ZBEjEXEhIrZ3R18/w2j3T2v/+dk0ZNFuf/YfWWe+6f3nZ/uz9p+3LT0MR2yOiF1HsthbvbzdxeXW6alGo36mN15bmluoLS637j41NzVTn6nPHzg0eXji4OShybV7r+O/2HrzX2+//9Ljz/37v9/53cEfpf6O9KYNvo+1Mhqjvf9JNXYO1A9nEfetdWMFGep+1HH7QF02XGCHeMva7V0/TJ/fOyNibyf/22Mouh/ei089+K/t8Zt7i+4jsH7affmTX24Pqg4+AbjWVTrrwFllLCK65UplbKy7Dn9TbK00motLdz3UPDs/3V1X3hHVykOnGvXx3rbCjqhmaXxfp/za+MQbxvdHdNaBvzK0pTM+drLZmN7oLzugYyTi4oUvnNy07Q35/9tQN//A9Svl/9fPP/lMKr8yVHRvgI2U8v+DV+Y+FfIPpSP/UF7yD+Ul/1Be8g/lJf9QXvIP5SX/UF7yD+Ul/1Be/fw/cOxYPHDsWLvVO/99vjlz6vTswuGJ8bG5syfHTjbPLIzNNJsznTN25q7+uo1mc2HfRJx9uLZUX1yqLS63Tsw1z84vneic13+innMpAKAAxy9tvm/nnmdfzCLi3Ie2dIZkU2+6rML1rd3OnNIPJWXTH8rLpdqgvGzjA9lVpm++0oTG2vcF2BiVojsAFOaOW+z/g7Ly+z+Ul9//obze7jp+FnFujbsCFMTv/1A+fv+H8hq5wv2/bhy4d9d4RLwjIn4+VL2hf68v4Jryuk39kYiLF7/3+drKfbgVFBQUVgrFfVEBG+O10BfdE6Ao0/vPz/aHjWrz6ZmNagnI89I93YOAUu5bvaE7ZXhl30B1nY4T2nlbevzJHx+7c3YoDdH7HlqHpoAc5x6NiPfkLf+zzr6BHb35dnVni5si4uaIeFdEvHuVbX/rMxGj8Xx9sE7+YeO81fzfEhFpcX1rRLw3InZHxPtW2favLqT8/3bLYJ38Qzl88bmiewAU5ZNPFt0DoCjHHWMApfX9R4ruAVCUp35cdA+Aonz9haJ7AOX27D0RMZ63/6/S2d/fV+1dF/CG3rUAtkTE1ojY1juH8MbeOYLbB/YZXs2JT0eMxm0/Hayz/w82Tv/4v9Zlx/9VVo7/G4qIPato4+kPj3wtr35qd8r/44/0j/9LQ2q/fywgsL5eejTi1tz8ZyvH/GaRchrx/rfZxuiXLj2RV//C/el1q7+UfyhG+7sRH4z8/PelUm1pbqG2uNy6u3Mf75n6/IFDk4cnDk4emqx1LhFS618oJMfRf758V179HyZS/r99QP6hGGn5v/UK+R9c///AKto48s2vHs+rH/lzyv/uZ948/5W/b8o+1xnv35fg4amlpTP7IjZlRy+vn1hFR+E6189IP0Mp/3fuzd/+39V7Tlr+H4mIj6b1hYj4X0T8PyI+FhEfj4hPRMS9b9LmN+6YuZRX/6cnUv4fO235D8VI+Z++yvI//f3PKtrYHD/7cl79R/ak/I/9/i9HHxxOg/wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArL3F5dbpqUajfmYdC0W/RwAAAAAAACiLVwMAAP//Oacv4Q==")
stat(0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
lgetxattr(&(0x7f0000000d00)='./file0\x00', &(0x7f0000000d40)=@known='system.posix_acl_access\x00', 0x0, 0x0)

4m45.598997866s ago: executing program 0 (id=348):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x40940, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x2)
readv(r0, &(0x7f0000000600)=[{&(0x7f00000002c0)=""/135, 0x87}], 0x1)
read(r0, 0x0, 0x0)

4m44.353672276s ago: executing program 0 (id=351):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x20031, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='cmdline\x00')
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x7000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68)
read$FUSE(r0, &(0x7f0000000280)={0x2020}, 0x2020)

4m44.170006421s ago: executing program 0 (id=354):
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000500)={'team0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0xb0, 0x24, 0xf0b, 0x0, 0xfffffffd, {0x0, 0x0, 0x12, r1, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x80, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x1, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x6, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x1}]}]}, @TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME={0xc, 0x8, 0x8001}]}}]}, 0xb0}}, 0x0)

4m43.930207205s ago: executing program 0 (id=357):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1200002, &(0x7f00000001c0)=ANY=[@ANYBLOB='iocharset=cp936,quota,errors=remount-ro,errors=remount-ro,nodiscard,noquota,discard=0x00000000000005a6\x00integrity,discard=0x0000000000000009,umask=0x00000000000bfe,quota,quota,errors=remount-ro,umask=0x0000000000020046,\x00'], 0xfc, 0x61e8, &(0x7f000001e9c0)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0bER09FbG2vr9aLLx6yH9/9499/98Mn3vrbHwbn//unO73XJq139+6v/vPne0fbZgAAAChNVVVVJ33MP5M+33fb7hQAMBX59b9K8vJTX//6n2/9ZZb6o1ar1Wr1FOqmarx7zSIiNpq3qd8zOBwPACfMRnzcdhdokfyL1o+IJ9ruBDDTOm13gGOxtb2+2kn5dpqvB8u77flckH35b3QeXN8xaXqQ0XNMpvX42oxePDOhPwtT6sMsyfl3R/O/tts+TOsdd/7TMin/4e6lT8XJ+fdG8x9xevLvjs2/VDn//iPl35M/AAAAAADMsPz//0stH/+dO/qmHMonHf9dnlIfAAAAAAAAAOBxO+r4fw8Y/w8AAABmVv1Zvfabp/aWTfoutnr51U7EkyPrA4VJF8sstt0PAAAAAAAAAAAAAChJf/cc3qudiEFEPLm4WFVV/dM0Wj+qo97+pCt9+6FkbT/JAwDAro+eGrmWvxMxHxFX03f9DRYXF6tqfmGxWqwW5vL72eHcfLXQ+Fybp/WyueEh3hD3h1X9y+Ybt2s66PPyQe2jv6++r2HVO0THHpNB+mtOaG4pbABIdl+NtrwinTJV9fSkNx+wj/3/FFqKpbYfV8y+th+mAAAAwPGrqqrqpK/zPpOO+Xfb7hQAMBX59X/0uMCR6u6E9ojH8/vVarVarVZ/qrqpGu9es4iIjeZt6vcMhuMHgBNmIz5uuwu0SP5F60fEc213AphpnbY7wLHY2l5f7aR8O83XgzS+ez4XZF/+G52d2+Xbj5seZPQck2k9vjajF89M6M+zU+rDLMn5d0fzv7bbPkzrHXf+0zIp/+HOJXPlyfn3RvMfcXry747Nv1Q5//4j5d+TPwAAAAAAzLD8//9Ljv/mTQYAAAAAAACAE2dre301X/eaj/9/bsx6rv88nXL+nUfNfyHNy/9Ey/l3R/L/8sh6vcb8/Tf39v9/b6+v/v7Ovz6bp4fNfy7PdNIjq5MeEZ10T51+mh5l6x62OegN63sadLq9fjrnpxq8EzfiZqzFhX3rdtPfY699ZV973dPBvvaL+9r7D7Vf2tc+SN87UC3k9nOxGj+Jm/H2TnvdNnfA9s8f0F4d0J7z73n+L1LOv9/4qfNfTO2dkWnt/ofdh/b75nTc/bxx4/O/vHD8m3Ogzeg92LamevvOttCfnb/JE8P42e21W+fuXr9z59ZKpMm+pRcjTR6znP9g52du7/n/hd32/Lzf3F/vfzh85PxnxWb0J+b/QmO+3t6Xpty3NuT8h+kn5/92ah+//5/k/Cfv/y+30B8AAAAAAAAAAAAAAAD4JFVV7Vwi+kZEXE7X/7R1bSYAMF359b9K8nK1Wq1Wq9Wnr26qxnu9WUTEX5u3qd8z/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpi213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+cWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOPPx8743Ocmjf99Nh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5P98Y77zO/8zI8OsljP86OuZ9CXL+ZxuP5zr/L42s18y/+u3M5b9x2BU3o7sv//N33vvp+dvvf/DKjfeuv7v27tqPL62sXLh0+fKVK1fOv3Pj5tqF3X+Pp9czIOefx752HmhZcv45c/mXJef/hVTLvyw5/y+mWv5lyfnn93vyL0vOP3/2kX9Zcv4vpVr+Zcn5fyXV8i/L1vb6XJ3/y6mWf1ny/v/VVMu/LDn/V1It/7Lk/M+lWv5lyfmfT/Uh8vf18KdIzj8f4bL/lyXnv5Jq+Zcl538x1fIvS87/UqrlX5ac/6upln9Zcv5fS7X8y5Lzv5xq+Zcl5//1VMu/LDn/K6mWf1ly/t9ItfzLkvP/ZqrlX5ac/2upln9Zcv7fSrX8y5Lz/3aq5V+WnP93Ui3/suT8X0+1/Muy9/3/ZsyYMZNn2n5mAgAAAAAAAAAAAABGTeN04ra3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzdXYxcZ30/8DPrXXvtEGIgBCd/A5vEhJCY7NpO/MKfFBPe0gClQEKhL9iud20W/IbXLoGi2jRQUmFUVFE1vWgLCLWRqoqo4oJWlOai6stVaS/oHVUlpEZVQAEVqS80W82c53k8Mzs7M2uPd8+e5/OR4t/uzDlznjnznLPz2813DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANDu1jfNfbZRFEXzv9Y/W4viBc2vN09tbd32urUeIQAAAHC1/rf173M3pBsODrFS2zJ/+4p/+Pri4uJi8f4NvzPxxcXFdMdUUUxsKorWfdFT//qBRvsywWPFZGOs7fuxAZvfMOD+8QH3Twy4f+OA+zcNuH9ywP1LdsASm8vfx7QebEfry63lLi1uLCZa9+3osdZjjU1jY/F3OS2N1jqLE8eK+eJEMVfMdCxfLttoLf/NW5vberCI2xpr29b25gz54SePxjE0wj7e0bGty48Zff+NxdSPfvjJo3907tmbe9WBu6Hj8cpx3nlbc5yfDreUY20Um9I+ieMcaxvn9h6vyYaOcTZa6zW/7h7nc0OOc8PlYa6q7td8shhrff3t1n4ab/+1XtpP28Nt/3l7URQXLw+7e5kl2yrGii0dt4xdfn0myxnZfIzmVHpxMb6ieXrrEPO0WWd3dM7T7mMivv63hvXGlxlD+8v0/U9tXPK6r3SeRs1nvdyx0j0HR32sVGUOxnnx7daTfrznHNwRnv8n71h+DvacOz3mYHrebXPwtkFzcGzjhtaY04vQaK1zeQ7u6lh+Q2tLjVZ95o7+c3D63Mkz0wsf/8Rr508eOT53fO7Unl27Zvbs3bt///7pY/Mn5mbKf69wb1fflmIsHQO3hX0Xj4FXdy3bPlUXvzy643Cyz3G4tWvZUR+H491PrrE6B+TSOV0eGw83d/rkpbFimWOs9frcdfXHYXrebcfheNtx2PNnSo/jcHyI47C5zJm7hnvPMt72X68xXKufBVvb5mD3+5HuOTjq9yNVmYOTrXnxP4ul3j8LtofxPr5zpe9HNiyZg+nphnNP85b0fn9yf6v0mpe3NO+4bmNxfmHu7D2PHjl37uyuIpRV8ZK2udI9X7e0PadiyXwdW/F8PTj/isdv6XH71rCvJl/b/Gdy2dequcy99/R/rVo/3Xrvz45bdxehjNhq789eP82b+zP1kn32Z3OZT09f/Xvx1Je2nX8nljn/xr7/+XJ76aEe2zAxXh6/G9Lemeg4H3e+VOOtc1ejte3npoc7H0+E/1b7fHxjn/Pxtq5lR30+nuh+cvF83Bj0246r0/16ToZ5cmJm+ffm28PvOLbtXumcHO97Pr491EbY/68JnULqi9rmznLzNm1rfHwiPK/xuIXOebqnY/mJ0Js1t/Xk7iubp3feXj7WhvTsLluteTrVteyo52k6Xy03TxuDfvt2Zbpfz8kwL27c03+eNpd5+t6rP3dujl+2nTs3DpqDExs2Nsc8kSZheb5f3Bzn4D3F0eJ0caKYbd27sTWfGq1t7bxvuDm4Mfy32ufKbX3m4J1dy456DqafY8vNvcb40ic/At2v52SYF0/c138ONpd5877Rvne9M9ySlml779r9+7Xlfud1S9duupa/82qO86/39f/dbHOZE/tX2mf23093h1uu67Gfuo/f5Y6p2WJ19tO2MM5n9y+/n5rjaS7zxQNDzqeDRVFc+OgDrd/3hr+v/Nn573y94+8uvf6mc+GjD/zg+mN/s5LxA7D+PV+WLeXPura/TA3z938AAABgXYh9/1ioif4fAAAAaiP2/fH/Ck/0/wAAAFAbse8fDzXJpP/f9uZn55+/UKRkfviAkpSZS7vhoXK5mHGdCd9PLV7WvP2Br879+C8uDLftsaIofvLQr/ZcfttDcVylqTDOp97SefvSFS8Mtf3Dj1xerj2//qXw+PH5DDsNekVwZ4qi+OYNn29tZ+oDl1r16YcOt+p7Lj7+WHOZ5w6U38f1n3lJufzvh/DvwWNHOtZ/JuyH74U68/be+yOu97VLr9m+732XtxfXa9z2wtbTfuKD5ePGz8n5wmPl8nE/Lzf+v/zck19rLv/oq3qP/8JY7/E/GR73q6H+18vL5dtfg+b3cb3PhPHH7cX17vnKt3qO/6nPlsufeWu53OFQ4/bvDN/veOuz8+3769HGkY7nVbytXC5uf+Y7v9W6Pz5efPzu8U8eutSxP7rnx9P/VD7OdNfy8fa4nejPu7bffJz2+Rm3/+RvHO7Yz4O2/9R7nnl583G7t39313Ibutbv/sSmP/jM53tuL47n4J+e6Xg+B98djuOw/Sc+GOZjuP+/n/p8x3ajw+/uPP/E5b+09ULH84ke/FG5/afecLxV/23qx7933Quuf+HFVzb3XVF8+73l4w3a/vE/PN0x/i/fdFfr9Yj3x4x+9/aXE7d/9mM7T51eOD8/27ZXW5+d845yPJsmN29pjveGcG7t/v7Q6XMfmjs7NTM1UxRT9f0IvSv2lVB/UJaLK13/rkfC63nL735zyx3/+Ll4+z8/XN5+6e3lz61Xh+W+EG7fWr5+i42r3P4Tt97UOr4bT5ffd+TYR2D7jn/fP9SC4fl3vy+I8/3MSz/U2g/N+1o/N+JxfZXj/+5s+TjfCPt1MXwy8203Xd5e+/LxsxEuvbc83q96/4XTXHxd/zi83u/8Xvn4cVzx+X43vI/51rbO812cH9+4MNb9+K1P8bgYzifFxfL+uFTc35eeu6nn8OLnkBQXb259/9vpcW5e0dNczsLHF6ZPzJ86/+j0ubmFc9MLH//EoZOnz586d6j1WZ6HPjxo/cvnpy2t89Ps3N57i5nNRVGcLmZW4YR1bcbf/Gq48Z955Ojsvpk7ZueOHTl/7NwjZ+bOHj+6sHB0bnbhjiPHjs19bND687P379p9YM++3TuPz8/ev//AgT0Hds6fOt0cRjmoAfbOfGTnqbOHWqss3H/vgV333XfvzM6Tp2fn7t83M7Pz/KD1Wz+bdjbX/pWdZ+dOHDk3f3Ju58L8J+bu33Vg797dAz8N8OSZYwtT02fPn5o+vzB3drp8LlPnWjc3f/YNWp96WviX8v1st0b5QXzFu+7emz6ftemrn1r2ocpFuj5A9NnwWTR//6Iz+4f5Pvb9E6EmmfT/AAAAkIPY928MNdH/AwAAQG3Evn9TqIn+HwAAAGoj9v2ToSaZ9P/y/6uU/99aFMW6zv+X98v/55X/P/PRMldaufx/SFQPm/+P+Xn5/zyscf7/qrcv/y//X7/8//D5+fU+fvl/+X+Wqlr+P/b9m4siy/4fAAAAchD7/i2hJvp/AAAAqI3Y918XaqL/BwAAgNqIff8LQk0y6f/l/4fK/+8eFLhy/f/O8cv/954f8v9rcP3/+OLI/2djxfn79z3c8a38fyD/L/8v/y//L//PVZtY9p61yv/Hvv/6UJNM+n8AAADIQez7Xxhqov8HAACA2oh9/w2hJvp/AAAAqI3Y928NNcmk/5f/X6Xr/8v/y//L/69N/v9qr//fNhj5//XB9f/7k/8f4Irz/5Py/+sx/z8x2vFXO/8/cPjy/1wTVbv+f+z7XxRqkkn/DwAAADmIff+LQ030/wAAAFAbse9/SaiJ/h8AAABqI/b9N4aaZNL/y//L/8v/y//L//fe/uDr/5dfyf9Xi/x/f/L/A7j+f175/xGPv9r5/1Ff/3/iLd3ry//TS9Xy/7Hvf2moSSb9PwAAAOQg9v03hZro/wEAAKA2Yt//slAT/T8AAADURuz7t4WaZNL/y//L/8v/y//L//fe/uD8f0n+v1rk//uT/x9A/l/+X/5/uPx/jze/8v/0UrX8f+z7bw41yaT/BwAAgBzEvv+WUBP9PwAAANRG7Pv/X6iJ/h8AAABqI/b920NNMun/5f/l/+X/88r/371R/l/+v97k//uT/x9A/l/+X/5/yOv/L7WS/P+mQQ9GbVQt/x/7/peHmmTS/wMAAEAOYt//ilAT/T8AAADURuz7Xxlqov8HAACA2oh9/1SoSSb9v/x/vfL/f/JXT7yykP+X/x+w/Zrm/+M0KB780eGYHJP/z5D8f3/y/8v4tVDl/+X/5f9XJf9PPqqW/499/62hJpn0/wAAAJCD2PffFmqi/wcAAIDaiH3/7aEm+n8AAACojdj37wg1yaT/l/+vV/4/kv+X/++3/Zrm/xPX/8+b/H8PbQep/P8A8v/y/9nn/+O7X/l/RqNq+f/Y978q1CST/h8AAADWs9f/5nDLxb7/jlAT/T8AAADURuz7Xx1qov8HAACA2oh9/52hJpn0//L/8v/y//L/8v+9ty//vz7J//e30vz/Rvl/+X/5/8zy/67/z2hVLf8f+/7XhJpk0v8DAABADmLff1eoif4fAAAAaiP+/5vl//eq/wcAAIA6in3/zlCTTPp/+X/5/5zy/w35f/l/+f/ak//vz/X/B5D/l/+X/5f/Z6Sqlv+Pff9rQ00y6f8BAAAgB7HvvyfURP8PAAAAtRH7/ulQE/0/AAAA1Ebs+2dCTTLp/+X/5f9zyv+7/r/8f9Xy/5vDffL/oyP/3192+f8x+f+VWOv8/HoffyXz/0Uh/8+aqlr+P/b9u0JNMun/AQAAIAex798daqL/BwAAgNqIff+eUBP9PwAAANRG7PvvDTXJpP+X/x9Z/n9T92355v8n5f+Xzo8W+X/5f9f/v/bk//vLLv/v+v8rstb5+fU+/u78/3VVyP+7/j9rrGr5/9j33xdqkkn/DwAAADmIff/eUBP9PwAAANRG7Pv3hZqE/r/Xdd0AAACA9SX2/ftDTTL5+7/8f02u///rf9exbdf/l//vt/3R5P83y/+HKv9fLTXN/3cfFldM/n8A+X/5/7pd/1/+nzVWtfx/7PsPhJpk0v8DAABADmLf/7pQE/0/AAAA1Ebs+/9/qIn+HwAAAGoj9v2vDzXJpP+X/69J/r+L/L/8f7/tu/6//H+d1TT/PzK1yv+PZZL/33T5S/n/ao9f/l/+n6Wuff4/fjVc/j/2/feHmmTS/wMAAEAOYt//U6Em+n8AAACojdj3vyHURP8PAAAAtRH7/oOhJpn0//L/8v/y//L/1yb//4aiWxXz/83JI/9fL/L//dUq/+/6//L/FRu//L/8P0tV7fr/se9/Y6hJJv0/AAAA5CD2/Q+Emuj/AQAAoDZi3/+mUBP9PwAAANRG7PvfHGqSSf8v/y//L/8v/+/6/723L/+/Psn/9yf/P4D8v/y//L/8PyNVtfx/7PvfEmqSSf8PAAAAOYh9/1tDTfT/AAAAUBux739bqIn+HwAAAGoj9v0Phppk0v/3yv+3Z3nl/4cj/985fvn/3vND/l/+X/7/2pP/70/+fwD5f/l/+X/5f0aqavn/2Pf/dKhJJv0/AAAA5CD2/Q+Fmuj/AQAAoDZi3//2UBP9PwAAANRG7PvfEWqSSf/v+v/y//L/8v8Vyv9PFj3I/8v/r4T8f3/y/wPI/8v/y//L/zNSVcv/x77/naEmmfT/AAAAkIPY9/9MqIn+HwAAAGoj9v3vCjXR/wMAAEBtxL7/Z0NNMun/5f/l/6uV/1+80L6e/H92+f9rd/3/5kry/1mQ/+9P/n+AHvn/TfL/8v/y//L/XLGq5f9j3//uUJNM+n8AAADIQez73xNqov8HAACA2oh9/3tDTfT/AAAAUBux73841CST/l/+P8v8f3rK1cv/u/6//P81yv9fo+v/h9de/r9C5P/7k/8fwPX/5f/l/+X/Gamq5f9j3/9IqEkm/T8AAADkIPb97ws10f8DAABAbcS+/+dCTfT/AAAAUBux739/qEkm/b/8f5b5/wpf/79u+f/xjvmRU/5/su31TPOyhvn/wvX/K0f+vz/5/wHk/+X/q5z/D7N58zLry/9TRVXL/8e+/wOhJpn0/wAAAJCD2Pf/fKiJ/h8AAABqI/b9vxBqov8HAACA2oh9/y+GmmTS/8v/y//L/7v+v+v/996+/P/6JP/fn/z/APL/8v9Vzv8PIP9PFVUt/x/7/l8KNVm28fvBfwzxNAEAAIAKiX3/B0NNMvn7PwAAAOQg9v2HQk30/wAAAFAbse8/HGqSSf8v/9+d/49XVJX/l/+X/5f/l/9fj0aX/3/Z9UUh/y//L/8v/y//L//P1aha/j/2/UdCTSfgTPp/AAAAyEHs+3851ET/DwAAALUR+/6joSb6fwAAAKiN2PfPhppk0v+vYf5/opr5f9f/v9L8/0/k/+X/A/n/3uT/V4fr//cn/z+A/L/8v/y//D8jVbX8f+z750JNMun/AQAAoMbSr4Nj338s1ET/DwAAALUR+/7joSb6fwAAAKiN2Pd/KNQkk/7f9f/l/13/fy3y/+Mdy8v/l+T/5f9HQf6/P/n/AeT/5f/l/+X/Gamq5f9j3z8fapJJ/w8AAAA5iH3/h0NN9P8AAABQG7Hv/0ioif4fAAAAKm3TCpaNff+JUJNM+n/5f/n/3PP/jaK46Pr/8v+9ti//vz7J//cn/z+A/L/8v/y//D8jVbX8f+z7T4aaZNL/83/s3UeTXVfVx+GLkBWoovCQIWNGDGFkBnwApsyoYkw2OcgmZzA5B5NzzsnkDCZnMDmZaKKhSpS711rqVt8+p6U+un3O3s8zWa9cEn2FGt76o/rVBgAAoAe5++8Tt9j/AAAA0Izc/feNW+x/AAAAaEbu/vvFLZ3sf/2//r/3/n91JO//7/75+v9t+n/9/xT29PfH1/+8/aLwffv/O935ynvq//X/+v9B+n/9v/6f882t/8/df/+4pZP9DwAAAD3I3f+AuMX+BwAAgGbk7n9g3GL/AwAAQDNy918Zt3Sy//X/+n/9v/5/V/9/nf5f/79s3v8fpv8fof/X/+v/9f9Mam79f+7+B8Utnex/AAAA6EHu/gfHLfY/AAAANCN3/0PiFvsfAAAAmpG7/6FxSyf7X/+v/9f/L6X/P+H9//N+P/p//f86+v9h+v8R+n/9v/5f/8+k5tb/5+5/WNzSyf4HAACAHuTuf3jcYv8DAABAM3L3PyJusf8BAACgGbn7Hxm3dLL/9f/6f/3/Uvr/Db3/r//X/y/ctatz/52g/99L/z9ipP9frfT/Qw7cz6//7S3n8+9D/6//Z6+59f+5+x8Vt9x1tTpxsb9JAAAAYFZy9z86bunk7/8BAACgB7n7z8Qt9j8AAAA0I3f/VXFLJ/tf/6//1//r//X/67++/n+ZvP8/7PD9/x0vv/e9+u3/vf8/zPv/U/f/t3xn6P9Ztrn1/7n7r45bOtn/AAAA0IPc/Y+JW+x/AAAAaEbu/sfGLfY/AAAANCN3/+Pilk72v/6/tf7/1rt+3Y7+f6t20f/r//X/+v/W6f+Hef9/xNZ/zZ2uH+r/9f/e/9f/czhz6/9z9z8+bulk/wMAAEAPcvc/IW6x/wEAAKAZufufGLfY/wAAANCM3P1Pils62f/6/9b6/92/zvv/+v91X1//r/9vmf5/mP5/RCvv/1/kd81R9/OHddSfX/+v/2evufX/ufufHLd0sv8BAACgB7n7nxK32P8AAADQjNz9T41b7H8AAABoRu7+p8Utnex//b/+fxn9f34F/b/+f33/f3zHzz9s/5/0/8uk/x+m/x/RSv9/kY66n1/659f/6//Za279f+7+p8ctnex/AAAA6EHu/mfELfY/AAAANCN3/zPjFvsfAAAAmpG7/1lxSyf7X/+v/19G/+/9f/2/9//1/wej/x+m/x+h/9f/6//1/0xqbv1/7v5r4pZO9j8AAAD0IHf/s+MW+x8AAACakbv/OXGL/Q8AAADNyN3/3Lilk/2v/9f/6//1//r/9V9f/79M+v9h+v8R+n/9v/5f/8+kZtT/7/hVp1bPi1s62f8AAADQg9z9z49b7H8AAABoRu7+F8Qt9j8AAAA0I3f/C+OWTva//n82/f9WztdW/396tVrp/1ed9v+nd/x51vel/l//vwGb7f/jD+WM/l//r/9f6f/1//p/1phR/7/149z9L4pbOtn/AAAA0IPc/S+OW+x/AAAAaEbu/pfELfY/AAAANCN3/0vjlk72v/5/Nv3/lrb6f+//n//90VP/7/3/vfT/m+H9/2H6/xH6f/2//l//z6Tm1v/n7n9Z3HTisov+LQIAAAAzk7v/5XFLJ3//DwAAAD3I3f+KuMX+BwAAgIW6Zs8/yd3/yrilk/2v/5+2/z+x45/p//X/539/6P/1//r/S0//P0z/P0L/r//X/+v/mdTc+v/c/a+KWzrZ/wAAANCD3P3Xxi32PwAAADQjd/+r4xb7HwAAAJqRu/81cUsn+1//7/1//b/+X/+//uvr/5dJ/z/skvX/l+v/9f/6/wn6/5Pn/k/9P224gP7/7NmzZy55/5+7/7VxSyf7HwAAAHqQu/91cYv9DwAAAM3I3f/6uMX+BwAAgGbk7n9D3NLJ/tf/d9r/57f6svr/q1Yr/b/+X/+v/x+m/x/m/f8R+n/9v/f/9f9Mam7v/+fuf2Pc0sn+BwAAgB7k7n9T3GL/AwAAQDNy9785brH/AQAAoBm5+98St3Sy//X/nfb/3v/X/+v/N93/37zS/2/EIvr/0/t//bn3/1fr//X/A7rr/+9+l10/1P/r/9lr3/5/e35uvP/P3f/WuKWT/Q8AAAA9yN3/trjF/gcAAIBm5O5/e9xi/wMAAEAzcve/I2463sn+1//r//X/+n/9//qvv+H3/0+sViv9/wQW0f8PmHv/P837/+f/p/wc/b/+f8mfX/+v/2evub3/n7v/nXFLJ/sfAAAAepC7/11xi/0PAAAAzcjd/+64xf4HAACAZuTuf0/c0sn+1//r//X/h+z/T5z719H/b5td/3/1Ivp/7/9PRP8/bB79//70//r/JX9+/b/+n4M7qv4/d/9745ZO9j8AAAD0IHf/++IW+x8AAACakbv//XGL/Q8AAADNyN3/gbilk/2v/9f/X0j/n59T/9/W+/8nZ9f/n9r1rzfH9/+v1//Plv5/mP5/hP5f/6//v0b/z5Tm9v5/7v4Pxi2d7H8AAADoQe7+D8Wt/+nW/gcAAIBm5O7/cNxi/wMAAEAzcvd/JG7pZP/r//X/3v/X/zf//v8l6P9X+v/Z0v8P0/+P0P/r//X/3v9nUnPr/3P3fzRu6WT/AwAAQA9y938sbrH/AQAAoBm5+z8et9j/AAAA0Izc/dfFLZ3sf/2//l//r//X/2//Ger/26D/H7aZ/v+0/l//X/38reI/Bfp//f/Yr6dNc+v/c/d/Im7pZP8DAABAD3L3fzJusf8BAACgGbn7PxW32P8AAACwSMfX/LPc/Z+OWzrZ//p//b/+X/+v/1//9fX/y3Qk/X9+U+j/vf8f+un/77DrR0t7///8//+l/9f/M7259f+5+z8Tt3Sy/wEAAKAHufs/G7fY/wAAANCM3P2fi1vsfwAAAGhG7v7Pxy2d7H/9v/5f/6//1/+v//r6/2Xy/v8w/f8I/f+Rvp+/9M+v/9f/s9fc+v/c/V+IWzrZ/wAAANCD3P1fjFvsfwAAAGhG7v4vxS32PwAAADRja/dnXNbh/tf/6//1//p//f/6r6//Xyb9/zD9/wj9v/5f/6//Z1Jz6/+/vPWrTq2+Erd0sv8BAACgB7n7vxq37LP/rzu2kY8FAAAATCh3/9fiFn//DwAAAM3I3X993NLJ/tf/6/+X0f+fPXv2jP5f/7/793Ou/79B/0/R/w/T/4/Q/+v/9f/6fyY1t/4/d//X45ZO9j8AAAD0IHf/N+IW+x8AAACakbv/m3GL/Q8AAADNyN3/rbilk/2v/59B/39K/+/9f/3/yvv/+v+J6P+H6f9HtNj/nzr4b/+o+/nDOurPr//X/7PX3Pr/3P3fjls62f8AAADQg9z934lb7H8AAABoRu7+78Yt9j8AAAA0I3f/9+KWTva//n9z/f8t/9718v7/6dX6z6//1//r//X/l5r+f5j+f0SL/f8FOOp+fumfX/+v/2evufX/ufu/H7fsHn6XXdjvEgAAAJiT3P0/iFs6+ft/AAAA6EHu/h/GLfY/AAAANCN3/4/ilk72v/5/Bu//N9j/e/9//feH/n/W/f8x/X8b9P/D9P8j9P/6f/3/RP1/fjfr/3s3t/4/d/+P45ZO9j8AAAD0IHf/T+IW+x8AAACakbv/p3GL/Q8AAADNyN1/Q9yyY/+va7tbof+ff/9/Sv+v/9f/e/9f/39g+v9hB+3/T64O1/8n/b/+X//fa//v/X+2za3/z93/s7jF3/8DAADA4ly2zz/P3f/zuMX+BwAAgGbk7v9F3GL/AwAAQDNy9/8ybrnp2FF9pI3S/8+///f+v/5f/6//1/8fnP5/mPf/R+j/p+jnr9D/t9H/r1b6fw5vbv1/7v5fxS3+/h8AAACakbv/13GL/Q8AAADNyN3/m7jF/gcAAIBm5O7/bdzSyf7X/+v/D9n/b6WZ+v9t+v9t+v/19P+bof8fpv8fof/3/r/+3/v/TGpu/X/u/t/FLZ3sfwAAAOhB7v7fxy32PwAAADQjd/8f4hb7HwAAAJqRu//GuKWT/X/7u914fOePN9b/x7/V+v/F9//e/9f/6//1/7Oi/x+m/x+h/9f/6//1/0xqbv1/7v4/xi2d7H8AAADoQe7+P8Ut9j8AAAA0I3f/n+MW+x8AAACakbv/L3FLJ/vf+//6f/2//l//v/7r6/+XSf8/TP+/Xv1B6f/1//p//T+Tmlv/n7v/r3FLJ/sfAAAAepC7/29xi/0PAAAAzcjdf1PcYv8DAABAM3L3/z1u6WT/6//1//p//b/+f/3X1/8vk/5/2FH2//e43fiX9f7/kff/+RH0//p//T+TmFv/n7v/H3FLJ/sfAAAAepC7/59xi/0PAAAAzcjd/6+4xf4HAACAZuTu/3fc0sn+H+n/T9ZP1P8P0v/v/vz6//XfH/p//b/+/9LT/w/z/v8I/b/3/w/y+W+7/tfr//X/7DVp/3/s8P1/7v7/xC2d7H8AAADoQe7+m+Om29j/AAAA0Izc/f+NW+x/AAAAaEbu/v/FLZ3sf+//L6n/v0L/r//X/+v/9f8j9P/D9P8j9P/6f+//6/+Z1Nze/8/d//8AAAD///HlUV0=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20400, 0x38)
getdents64(r0, 0x0, 0x0)

4m42.351396551s ago: executing program 0 (id=362):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100))
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000c08000/0x2000)=nil, 0x2000}})

4m41.474114422s ago: executing program 0 (id=368):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000200)={0x0, 0x1}, 0x8)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000100)="ab", 0x1, 0x400c804, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)

4m40.845791361s ago: executing program 33 (id=368):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000200)={0x0, 0x1}, 0x8)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000100)="ab", 0x1, 0x400c804, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)

4m5.038524071s ago: executing program 2 (id=573):
syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x8488, &(0x7f0000000780), 0xfe, 0x10fd, &(0x7f0000001140)="$eJzs2T9rFEEYBvBnds8/3cqmXwQtLCQknF8ghcK1ttqIpDJVrlL8OH4cTWUf0msRsF9Zb/dO5UTwTm1+PzjmvYd9Z2fKmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZsmnkhxUSTtlVZKSdN3F4ipJN+V33tdVSp6eLpaPz+dPlknqb4+XZ0kZuoa2tMf3brfzdt4et48OTu5/WL5+8+rF2dnp+ThNSZfL6/1vpYzrAQAAAH7U76z5z+8HAAAAfmdvFwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6hvNnU7FVWSknTdxeIqSbel78Y/Wh8AAACwu5Iqz5tt+eoaYONhPjZlnQ/jlzLUR3m3pR8AAAD4pf7WWHz/fb3c3JzHH2S2PpcP2d3Mcni4+j8O+XyS1EmOfpr88vrty+lX+vpv7wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAPYKAAD///F61s8=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r0, 0xffffffffffffffff, 0x0)

4m3.966110195s ago: executing program 2 (id=578):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000001300)={0x2, 0xe21, @multicast2}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/udp\x00')
pread64(r1, &(0x7f0000000100)=""/83, 0x53, 0x100)

4m3.572538989s ago: executing program 2 (id=582):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
r1 = fanotify_init(0x20, 0x0)
r2 = dup(r0)
fanotify_mark(r1, 0x401, 0x1000, r2, 0x0)

4m3.346406155s ago: executing program 2 (id=585):
syz_mount_image$hfsplus(&(0x7f00000001c0), &(0x7f0000000400)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f00000002c0)={[{@creator={'creator', 0x3d, "1c4cdc1a"}}, {@type={'type', 0x3d, "e833026f"}}, {@gid}, {@uid}, {}, {@part={'part', 0x3d, 0x2}}, {@creator={'creator', 0x3d, "338be97f"}}, {}, {@part={'part', 0x3d, 0x7}}, {@nobarrier}]}, 0x20, 0x6fe, &(0x7f0000000480)="$eJzs3U9oXHkdAPDvm5lMMl3IztZ2t4rQsMWiW22TDIsVBKuI5LBowcteY5tuQydpSbKSFrGz6qo3PUkPe1iReNiTeBBWPIj1JgiC994LHrwVD468N+9NZvJ3Js0ksfv5wJv3e+/9/nx/33nz5k9aXgCfWHNvx1grkpi79NZ6uv1ko9F8stFYKsoRMR4RpYhKZxXJckTyOOJadJb4dLoz7y7ZbZw3n378wcVHHzU6W5V8yeqX9mq3qb3HCK18iamIKOfrIVV26+/GDv09HKrrpBt3mrALReLguLW3aQ3TfIDXLXDSPYwoj+2wvx5xKiIm8s8BkV8dSkcc3qEb6ioHAAAAJ1N5vwovP4tnsR6TRxMOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvBiSzj0Dk3wpFeWpSPL7/38nr5apVo833H18cZ/j7986okAAAAAAAAAA4PCNbRbPP4tnsR6TxXY7yf7m/3q2cSZ7fCnejdVYiJW4HOsxH2uxFisxEzE22dNndX1+bW1lZnvLX0Xast1uP8xbzkZEfVvL2RHPGQAAAAAAAABebD+KuZg87iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBXElHurLLlTFGuR6kSERMRUU3rtSL+VJRPgvoB2/35kOMAAACAE6iWryeT/3YK7ST7zv9q9r1/It6N5ViLxViLZizEzey3gM63/tI/Wo3mk43GUrps7/jr/8p6aw8YR9ZjRJTjvV1Gns5qnO22mItvxXfjUkzF9ViJxfh+zMdaLMRU1NJJxHwkUa91fr2oF3H2x1vOu7rWF8r1rbGd37J9LoukFrdiMYvtctyoFr2VshpJnOsZ7Q/ViC0Zei/NTvK13IA5utnzfP0y/10m1355wD5Go57NfKybkek093k2Xtk594XOeXLgkWai1P0N6szmKOnm1pGKnH9vmJyfytdprn/an/PDNuRPaVszMRul/OyLeLU/5/c+9+h0f+Mv/PMv12+Xlu/cvrV6aYRTOiSVHfeOFYWtmWj0ZOK1vc++PBPNNBOtwTMxtnXHxMBzGalqno3OhW2wq+U3s9J8vN5zCt5dTh+/HNMxE1djOr4Ss9HoO8PO9uW10ljqz0n2Wittv77V9gj+wud7Kv1sn8qjsPt4aV5e6clr75Wunh3L91z7RUz3ZOn03mffQd4FKp/JC+kYP+6+45wEfZnIr81FdMUb1C6Z+HX2OWG1uXxn5fb8vQHHu5iv05ft+/3X5t8892SeS3q+nO5euLKc1IrzJT32qW60/fmq5n9x6bQrbTt2tnusHpOxGN+Ou3EzFnZ4pVbzz3Dbe+oce23HY43s2LmeY32fcuJuNLNPIVtMHU1WARjYqTdOVWtPa3+vfVj7Se127a2Jb4xfHf9sNcb+Wvlj+Xel35a+mrwRH8YPY/K4IwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBfB6v0Hd+abzYWVERaqBxwrSvvW2XhpsA6jHrH3WEleqI46G0MXfp7fr/Dwev73xJ7ZqMWIpvP7vWdRfe4hkkhaI35S0mfiUDosbpyW7WmX9231tysRnT2VaLfbD7uHtj6VlVid2O0ZHN+sHPU7883/tPvq1KLnJQO84K6sLd27snr/wZcWl+bfWXhnYXn2anF73FuLzYXpK9njMQcJjMTq/Qfl444BAAAAAAAAAAAAGE7+r//XVkppIRn+f+lU9qlTXVndeeTzRz1VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/U3Nsx1ookZqYvT6fbTzYazXQpyps1KxFRiojkBxHJ44hr0Vmi3tNdsts4bz79+IOLjz5qbPZVKeqX9mo3mFa+xFRElPP1/sZ36GZ7fzd6+msdKLykO8M0YReKxMFx+18AAAD//yBC8a4=")
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r0, &(0x7f0000004180)={0x2020}, 0x2020)

4m2.8019332s ago: executing program 2 (id=591):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r0, 0x7a6, 0x0)

4m2.314765267s ago: executing program 2 (id=595):
r0 = semget(0x1, 0x4, 0x39c)
semop(r0, &(0x7f0000000080)=[{0x1, 0x8001, 0x1000}, {0x1, 0x5b7a, 0x800}], 0x2)
semop(r0, &(0x7f0000000380)=[{0x3, 0x4, 0x3000}, {0x1, 0xbbdd, 0x1000}], 0x2)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000240)=[0x6, 0x7fff])

4m1.473007655s ago: executing program 34 (id=595):
r0 = semget(0x1, 0x4, 0x39c)
semop(r0, &(0x7f0000000080)=[{0x1, 0x8001, 0x1000}, {0x1, 0x5b7a, 0x800}], 0x2)
semop(r0, &(0x7f0000000380)=[{0x3, 0x4, 0x3000}, {0x1, 0xbbdd, 0x1000}], 0x2)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000240)=[0x6, 0x7fff])

2m48.308940626s ago: executing program 5 (id=1058):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x8001, 0x0, 0x1, 0x0, 0x1, 0x1, 0x4, 0xb, 0x5c, 0xfd, 0x1002, 0x8, 0xb, 0x800, 0x6, 0xffffffff, 0x3, 0x400, 0x2, 0x40000003, 0x89, 0x2, 0xf27, 0x6, 0x7, 0x10000008, 0xf, 0x8, 0x4, 0xfffe, 0xfffffff8]})
ioctl$COMEDI_SETRSUBD(r0, 0x6410)

2m47.766304162s ago: executing program 5 (id=1062):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x3f)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x19)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x7f, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2)

2m47.585868907s ago: executing program 5 (id=1063):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001600)=ANY=[@ANYBLOB="bf16000000000000b707000001f1f0ff5070000000000000200000002c41000095000000000000002ba7e1d30c04aa8b3382022ce2a1d97411a0f6b599e83f24a3aa81d36bb7019c13bd23212fb56f040026fbfefc4a056bdc17487902317142fac7e7be168c1886d0d4d94f2f4eb45c652fbc1626cca2a28d67893547db51ee988e6e06c8cedf7ceb9fc40400ae5e4aa74c92c6a51cbf9b0a4def23d410f6accd3641130bfc4e90a6341865c3f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0c18ce7400dae15cb7947c491b8bea3fd2f73902ebcfcf4982277d9800011b405bbf7b02433a9bcd715f5888b2007f000000001c000000010000000000000600000000309329170ee5b567e70f000006a10f58fa64533500000000000000000000000031000000000000001208e75a89faffbfb11b7dc6ea31001e846c12423a169f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617de7a6520655a80d0900f4d433623c850af895abba14f6fbd7fbad1f98e26ad4deaf1a4f294b2a431ab9142f3a06d54740a4bc5e3abd378af7c9676a08e774c48785f895b4ec8d1141d5e8744d7f09ab4df6027bf48cabecead649f96ea24d32872c494160cb7f46ce680eeb80157eb23f9902519ac655fa73103170cbc496d7122034b85e7e87a2db762cbb253fbd76b9117c1a11d18aa2040c5f0c289906000000000000005ffe94ff010011d9b219c00c369a12bf8685b862d0dbdd956cbda1bae489bcef5ae59136aaadc59609f4d42617c0e6066938b521a0f2e2467a6c435ad5b800262a5da053ced5e95394e500000072737638ac44fb61310e2df511c60b3c88113996a81fb64bce5eb95ce91738640ff7ae6ed6b62086e699955926934389cdf9bcebc7586186fe9ce05268bf8a3958f2206cdc7095682c14f10be1075832956762b2dcc6251e7b74cb1da627e332765511c58215bf84d263e8778e6e8ffe4ea50b076446f35eff00006b340658342d2d9e1ef68c6ef3e98407d2fcefb34a0000000000000000895ddbb76122b1222e4da37177fe833e4fcaa67997e92a206ebd085bd9f90008d3fdd528efe6c1dca17f45ba5e8bd311a40030f9ffce75ffff996a80153a0077bb43f8a63dd390d18f0239b41da1a52383a4c6768ca1bb66b8fb3c5000f6f246fd20356a60769b461b6cdf133de073b1df08ae09268b0073bb97d88d741a5546e76caf4b6b1387ff37ec13d262dae0260be74cdf7bb6d3107597430ef5bbd476bb9d69b2aef9f3cb644b4bf01ccf16d40720939daf2af469bdfb361b9c015dd026fd0fffe3c66f5c343afb78a7cfd852f3e05c089887d7df2ff4f9982030019421af6b78ff9c444a17091875cfe4eab0e7f50eb69c860b1613a6b4f5af04f9c635d8d646c89f8b85f820ce7464c731deba39f9ff7b815f7b0acba754c01ed8bf1bba0010a8c6a2b966d861f9dd547abf2e9b23e5607f00f80b58fd76e4bc46c84799aa792cdaeb6cfb858e577dacff607ba513250e13ae696cd6ed7d318190a93b9ee07927efca6b8d1f5980994690bbe002db5146439d906a0d4aef065214b15666cdca81091b69acee2c7ce0821fc19e0891f0b53469f935c5ac420100010000000000fb53faf4420638489e6a1c696d8c414a87b60000000000080000b6be1557951854c01dbc2d061827ae6349a045b780893771524a424335b9fc34616ee9f09141057262530b7c2f7c9b969938779736ece7b470078ac0b1b4b528000000009866e9994ca9096672ec9f3800c2fc35ba6516e542624c47bdba76a816c3a3dd6c3fa87a3ec91df199a9af91a7babf2b8d0e7b77e6dfb4bbc9817847b705000000a1000000000000ab8353f3800f045b90b0eaab6d731199c9447eabbc8c740183aff5389742e47de5000000826a570d14310700cf2ae3366ebdb7f1000000000000333c00e6addbf4c71ffad6bfb5babb49109f92a5a52042c425190a6e3f1a8a3abfe6059da9c952cf35c98ce7616355493d280f2d0be99e18fd0900c769e7eb4edc1c03a33676590bd2047229e0237c1e34641848531712ff09e89fb062a3e66f4fced0ae679733830039cb61ea0691f0b4e0b33194404e643243c3841e1e7fe301f7f47a7f89512d92e83624e3de705bdfbfd0e5e381398e9d5428a00cc8a6d097d97e6ac8bd09b1a5577920a650114a522c1e2dcdc4f606fcbcee91770a9fada34d38cd7976a9228a0a0dd8661be8162e966aac26bea4c11458cd6ce22ddf7054cdd0a60ef3ec000000000000000000425cb75dc7ec92e9a5d29f9c99697d2a98ae0a9f35e4196c3faeb7a60a0290bf897846f6f0f1c163d6075119169d55d10da9ad0e4b2c636d200000009baaf94e2b2c48e70d8453f832eecfb1de2a3f38a5c986de9e37737dac74db251d5e9ea2b8ed39e91a7a17d01b49f7aaff7c4c73c3484bdcab362838ed940035b239a3646ef55b9f070ae14466b3acef9f8b28fb938a237e2e068ae4a6bce4407b54cc14614c2cdf877f000000000000000000000000bdcf23144e6c16b9235552aed83b6428f34d88c258a9ad16386bba51b60838fb11bc193a206b5a25b7233b222e4e68e0d1e88f26b9a45b6c29469530a37ea92aaf421cdcc1f594ecfaff9a79b56f8b38038002d29b3193cea9cd0a0ef4f58fa48f61071f548d411353965615c24c1860fd0dfae0f4cdf8c8f8645a289a79f9b919b674f0325d81eacaa8399324a304885da01733bb7917ec5e52718eb05f9c1ffd69f834150e9100c215968e8fb31c83526e6f66897569e28d01ca6135a2acca398c1415e0f9b58b63ee9dc33608ba7e5c4bdf3f37d8e4f4f424be263d9c2a5204f41e9b0ee01ad4cc0519395b69c310c98d3c8edc7d07b30617f3535634257f5472d9f3263a6f04778a920c12000721bb82f9884780ac294b8bb07ebf6e3f16584e95607e319b2ea9778289c19fb775514246159bbfa9dc0fdf711d3efa316a3323c915a40e6d7c8f8d7daf98824fd0bc955dc9731cc8c7a600d94b8049af764688c7ffdd26a741b03b065ba9c586914d8beb94c8a265ace34172ed003357ddd400557230b2caba17a647a171c2fc73a8c7541c7ffaafba62195fce77382ae962f30d4a377d760040975a44aa73a4e687d06f96f0987b980f6f883534dfc71ace539eeeb08cff54e0e05d5e0563660a3664c67d0eb9cdf4eab93ab4bf1972a2acc5c5d43dc2f2b66d7493c390d042d896a1ad772f6d4c2cf38ba0"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x57, 0x10, &(0x7f0000000000), 0xffffffffffffffc9}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000380)=r0, 0x4)
sendmsg$sock(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000280)="67f1", 0xfdef}], 0x1}, 0x40840)

2m47.370148456s ago: executing program 5 (id=1065):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000001c40)={[{@dioread_nolock}, {@norecovery}, {@resgid}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@grpid}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@grpid}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}], [{@subj_user={'subj_user', 0x3d, '('}}, {@obj_user={'obj_user', 0x3d, 'uid>'}}, {@uid_gt}, {@appraise_type}]}, 0xfd, 0x588, &(0x7f0000000680)="$eJzs3d9rW1UcAPDvTZP96rQdjKE+yGAPTsbStfXHBGHzUXQ40PcZ2qyMpsto0rHWgduDe/FFhiDiQPwDfN/j8B/wrxi4wZBR9EGFyk1vuq7Nj7bLTF0+H8h2Ts5Nzv3m3u/NOfcmTQAD62j6Ty7i1Yj4JokYWdeWj6zx6Opyy4+vT6W3JFZWPv09iTMbnivJ/h/OKq9ExC9fRZzIbe63trg0W6pUyvNZfaw+d2Wstrh08tJcaaY8U748MTl5+u3Jiffefadnsb55/s/vP7n34emvjy1/9/PDQ7eTOBsHs7Y0rh50cWN95Wjpn6xUiLMbFhzvQWe7SdLvFWBHhrI8L0R6DBiJoSzrgRfflxGxAgyoRP7DgGqOA5pz+x7Ng/83Hn2wOgHaHH9+9dxI7GvMjQ4sJ0/NjNL57mgP+k/7GH1w5/bdB3duR+fzEPu71AG25cbNiDiVz28+/iXZ8W/nTjVOHne2sY9Be/+BfrqXjn+SGxGb8j+3Nv6JFuOf4Ra5uxPd8z/3sAfdtJWO/95vOf5dO3SNDmW1lxpjvkJy8VKlfCoiXo6I41HYm9Y7Xc85vXx/pV1bGv/dbPyX3tL+m2PBbD0e5vc+/ZjpUr30LDGv9+hmxGstx7/J2vZPWmz/9PU4v8U+jpTvvN6urXv8z9fKTxFvtNz+T65oJZ2vT4419oex5l6x2R+3jvzarv9+x59u/wOd4x9N1l+vrW2/jx/3/VVu17bT/X9P8lmjvCe771qpXp8fj9iTfJwf3nj/xJPHNuvN5dP4jx9rnf+d9v908vX5FuO/dfhW20W7xv/3ukn6U25usffO0vint7X9t1+4/9EXP+w4/sb2f6tROp7ds5Xj31ZX8FleOwAAAAAAANhtchFxMJJcca2cyxWLhUbb4TiQq1Rr9RMXqwuXp6PxXdnRKOSaV7pH1n0eYjz7PGyzPrGhPhkRhyLi26H9jXpxqlqZ7nfwAAAAAAAAAAAAAAAAAAAAsEsMt/z+/2rbb0P9XjvguWv8sMHefq8F0A9df/K/F7/0BOxKXfMfeGFtP/+dGYAXhfd/GFzyHwaX/IfBtdX8L4w85xUB/nPe/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqfPnzqW3leXH16fS+vTVxYXZ6tWT0+XabHFuYao4VZ2/UpypVmcq5eJUda7b81Wq1SvjE7FwbaxertXHaotLF+aqC5frFy7NlWbKF8oFf2wYAAAAAAAAAAAAAAAAAAAANqktLs2WKpXyvELbwpno5RMmu++VP5Ot0o4ent8tUSj0tNDHgxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbPBvAAAA///YBDOu")
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x10040d0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})
setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)

2m46.690879795s ago: executing program 5 (id=1067):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e2a, 0x6b1, @mcast2, 0x4}, 0x76)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

2m45.872661658s ago: executing program 5 (id=1073):
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r0 = inotify_init1(0x800)
inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x40000000)
inotify_add_watch(r0, &(0x7f0000000240)='./file0\x00', 0x40000000)

2m45.116936052s ago: executing program 35 (id=1073):
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r0 = inotify_init1(0x800)
inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x40000000)
inotify_add_watch(r0, &(0x7f0000000240)='./file0\x00', 0x40000000)

5.429240625s ago: executing program 4 (id=2319):
syz_mount_image$xfs(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x4004000, &(0x7f0000000140)={[{@qnoenforce}, {@nodiscard}, {@nouuid}, {@usrquota}, {@inode32}, {@gquota}, {@lazytime}, {@usrquota}, {@gqnoenforce}, {}]}, 0x1, 0x975c, &(0x7f000001c600)="$eJzs/QWcbXWhuP/PgUM3giBSUmKSEqJIhyJKihKCtKSACCgdSqigCCjd3d2d0t3d3R3/14EDKj5wvd/f/V+8Ps/zYmbPjlnz2Z/3Wou9Z83Ze6n5FptrYGDMgfd6//RvXbTbvcstPtpC6528y+Bb9t5x4SeGXjz8eydjzTH0dM6hp3MNDAwMGrqcQe9dNnj2k04eZmDwwJD//taoI408zKgDAyMPPTt0OQMzv3cyyiHv3+6dD8UDnXTIj9vhvY93G23IQoZ8sczyb609MDAw4t99/5BxTftPd1TaUnPOP9/frD5wG2bo1YP+dt27p4Pf+xjlgIGBUfYb+Oj1Y8hth/u77/3fbMjPHHPygSXu/QR+9v+5lppz/gU/5D9kWxx26GUzD9nGP7wNGvvwer7jYms8NnQKBw2duMF/t718Euv9/1NLzTnfQgMfvR0PLDzvpo++8+5+c/A8AwOD5x0YGDzfwMDg+T9pj/qf6RNd+aqqquoTac65ZhjynH2YDz0eGPH9x7X0uPCyN6d7cGBg8MLvPU8cvPz7zwWrqqqqqqqq6t+zOeeaYW54/j/mxz3/n/TMbcbq+X9VVVVVVVXV/50WnHOuGYY81//Q8//xP+75/7OPH33we3/7P8fM733X25/snaiqqqqqqqqqj22+BfH5/6Qf9/z/ipMmvbrn/1VVVVVVVVX/d1r0nXfe2fzvXmdv6MVTv389Pf8/+5G7l/3EBlxVVVVVVVVV/+3efuqMc/72mu8TD3zo9d7fbejvBQYdd961135iA/33aNA//z5ki096TP9fG+I84hGTDgysvcQnPZT6BPo/81r19f+X8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/cR9x/P+D1/8/+4QV338v+M9POcOtZ/ztO9997//BCy/41Jaf0NA/if5Tj/8PrD5oYGCo75irDwwMLDznootPPTAwcMatM0w5xcAH180y5LrZxh723TeIf/+ficw7Fi94i8neOx2yogyM88Eyjnt3+Qu+s/+wgz40iL9rrFMOPni1pV6Z8cOnU330/Rjmg69GO/nx9/8tyzAfutGIH/HN7y///fvyYeehY596yNin2WCtdadZf+NNvrL6WiusuvKqK6896/QzTTfjrLPONNM0q6y+5srTvvf5o+Zs0nc/z/2vzNmoH56zp+b8+zn78H37qDmb9OPn7N0l7nr5iN96f84G/zfnbO6Pn7NJVx/6g8aaY7iB5d+dm0EDA2PNM9zARkPOTDfCwMBY8w697fhDbvuNsYcZGNj5b3d0yFcjfLAODtpiyG2Wmm+xud7bTQ0M/O30b33E+9kPP3Tkcww9nXPo6Vzv/ZgxB/62Kg6e/aSThxkyF/8wHaOONPIwow4MjDz07NDlDMz63snIZ75/u494n/UPDfTdl1nZ4b2PdxttYGBglCFfTLzC2dsOmfr/hfdp/3/6//8/ec0y6IP1cdDQj6G3ec9rzvkX/NvPencahszdsEMvm3mIyf/wW9v/Q/803klHHJj0Y8b7Ma+L8260fq15xrhb/U+9Lg6Nd/yPGe/HvI7vR453yQf3eOy9Rf2PjfdD+7qF3v08x7+yrxv4+H3dsLSAla+a6MP7uu989BD/YXf5/hyN8KEbfdS+bvy9JtliyPLn+Ph93UJDxj7cP+zrhhkYGGvu9/d1Q3Z88w03sPOQM9MPOTP/cAOHDTkzw7tnRho4b8iZr664zporDblggX9eD6Ye9A9/oAnb2Xwf2s4G/d19H/Shv+8c/N7pKAe8/x5OH7HfHDT0bv2X+wpab8f8mPF+zPtP4TwPuWyl40cc93/q/adovCN+/Hg/6v2yP3K8O7189r3/w+P9YDsb7u+ma4F/ZTub9B+3syF3cdi/2zL+1cdhK8Ht3/t6/A+WtuFmj3/wmGK4Dy33v3pMscDHb2djrv6h79t+v4FBHzc38/8rczPhP+2Dtvz7uflXH29NPfl71w/7MXMzwqzLTfX+3Az/35yb+f+7czPHwLD/ODeDB+YdGBiYYuj+Yb5/ZW7G//i5+VfXm5Hh9u99vfIHF82z4xGXvD83H56L/2pu5vvvzs2kH6w3U7x73WTDDAw//MBGK2ywwXrTvff5/bPTv/f547fBef6VuRzzf2YuJxj8UXP5t1V11AevPuC/2Ab/aZ/+/vLn+e/O5cAHczmw+oc3lvp3rd//ucvfXf7u8neXv7v83eUv7iOO/3/w+v+7jznbLkN/uTHc1ZOMt90nPd5PuP/o4/9Dff/h+P92401y9TADH1z3scdn37vNv+Xx2ZnfOxnlkPdv9+HjgzzQjz4+u9+sM2/zv3R89v+p97fVf+H3cO3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uI+4vj/tO//HcAj0y3y/NADocM9sfXSi3zS4/2E+48+/j/U9x+O/y+y9NZPDDPwwXUfe/z/vds4jv/f/8Z8O/07H/9/f1vt+H/9F+XvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uI+4vj/HO//HcDRR++xyft/D3DjWDuc8UmP9xPuP/X4f+//7639v7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y1/c0OP/Ax96e8vvt15gcPz//3Yf4b9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8l8wfs/j/IH/M4r9U/pjF/4f5Yxb/H+WPWfyXzh+z+C+TP2bxXzZ/zOK/XP6Yxf/H+WMW/+Xzxyz+K+SPWfx/kj9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+P80f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+P8sf8ziv17+mMV//fwxi/8G+WMW/5/nj1n8N8wfs/j/In/M4r9R/pjFf+P8MYv/JvljFv9f5o9Z/H+VP2bx3zR/zOK/Wf6YxX/z/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/9f5Yxb/3+SPWfy3zx+z+O+QP2bx3zF/zOK/U/6Yxf+3+WMW/9/lj1n8f58/ZvHfOX/M4r9L/pjF/w/5Yxb/P+aPWfx3zR+z+P8pf8ziv1v+mMV/9/wxi/8e+WMW/z/nj1n8/5I/ZvHfM3/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/gfkD9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvH/a/6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6Yxf/N/DGL/1v5Yxb/t/PHLP7v5I9J/AcN5I9Z/Aflj1n8h8kfs/gPmz9m8R+cP2bxHy5/zOI/fP6YxX+E/DGL/4j5Yxb/kfLHLP4j549Z/EfJH7P4j5o/ZvEfLX/M4j96/pjFf4z8MYv/mPljFv+x8scs/mPnj1n8P5U/ZvEfJ3/M4j9u/pjF/9P5Yxb/8fLHLP7j549Z/D+TP2bxnyB/zOL/2fwxi/+E+WMW/4nyxyz+E+ePWfwnyR+z+E+aP2bx/1z+mMV/svf9R/yExvVvmsV/8rZ/zOI/Rf6YxX/K/DGL/1T5Yxb/z+ePWfynzh+z+H8hf8zi/8X8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/NPljFv9p88cs/tPlj1n8p88fs/jPkD9m8Z8xf8zi/7X8MYv/TPljFv+Z88cs/rPkj1n8Z80fs/h/PX/M4j9b/pjF/xv5Yxb/b+aPWfxnzx+z+H8rf8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6YxX/B/DGL/7fzxyz+38kfs/gvlD9m8f9u/pjFf+H8MYv/9/LHLP7fzx+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/JfPHLP4/yB+z+C+VP2bx/2H+mMX/R/ljFv+l88cs/svkj1n8l80fs/gvlz9m8f9x/pjFf/n8MYv/CvljFv+f5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv/V88cs/j/NH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/j/LH7P4r5c/ZvFfP3/M4r9B/pjF/+f5Yxb/DfPHLP6/yB+z+G+UP2bx3zh/zOK/Sf6Yxf+X+WMW/1/lj1n8N80fs/hvlj9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfy3zR+z+G+XP2bx/3X+mMX/N/ljFv/t88cs/jvkj1n8d8wfs/jvlD9m8f9t/pjF/3f5Yxb/3+ePWfx3zh+z+O+SP2bx/0P+mMX/j/ljFv9d88cs/n/KH7P475Y/ZvHfPX/M4r9H/pjF/8/5Yxb/v+SPWfz3zB+z+O+VP2bx3zt/zOK/T/6YxX/f/DGL/375Yxb//fPHLP4H5I9Z/A/MH7P4H5Q/ZvE/OH/M4n9I/pjF/9B/9H/4f31c/6ZZ/A9r+8cs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+T+L9b/v+cxH/QlfljFv+r8scs/lfnj1n8r8kfs/hfmz9m8b8uf8zif33+mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH7P4v5o/ZvF/Lf/h6UKL/+v5Yxb/N/LHLP5v5o9Z/N/KH7P4v50/ZvF/J39M4v/ul/n/cxb/QfljFv9h8scs/sPmj1n8B+ePWfyHyx+z+A+fP2bxHyF/zOI/Yv6YxX+k/DGL/8j5Yxb/UfLHLP6j5o9Z/EfLH7P4j54/ZvEfI3/M4j9m/pjFf6z8MYv/2PljFv9P5Y9Z/MfJH7P4j5s/ZvH/dP6YxX+8/DGL//j5Yxb/z+SPWfwnyB+z+H82f8ziP2H+mMV/ovwxi//E+WMW/0nyxyz+k+aPWfw/lz9m8Z8sf8ziP3n+mMV/ivwxi/+U+WMW/6nyxyz+n88fs/hPnT9m8f9C/pjF/4v5Yxb/L+WPWfy/nD9m8f9K/pjF/6v5Yxb/afLHLP7T5o8Numi34QYGBv7j/afLH7Ns/9Pnj1n8Z8gfs/jPmD9m8f9a/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v54/ZvGfLX/M4v+N/DGL/zfzxyz+s+ePWfy/lT9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6Yxf/b+WMW/+/kj1n8F8ofs/h/N3/M4r9w/pjF/3v5Yxb/7+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL/5L5Yxb/H+SPWfyXyh+z+P8wf8zi/6P8MYv/0vljFv9l8scs/svmj1n8l8sfs/j/OH/M4r98/pjFf4X8MYv/T/LHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv+f5o9Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv+f5Y9Z/NfLH7P4r58/ZvHfIH/M4v/z/DGL/4b5Yxb/X+SPWfw3yh+z+G+cP2bx3yR/zOL/y/wxi/+v8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy3yx+z+P86f8zi/5v8MYv/9vljFv8d8scs/jvmj1n8d8ofs/j/Nn/M4v+7/DGL/+/zxyz+O+ePWfx3yR+z+P8hf8zi/8f8MYv/rvljFv8/5Y9Z/HfLH7P4754/ZvHfI3/M4v/n/DGL/1/yxyz+e+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+f80fs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT9m8X8rf8zi/3b+mMX/nfwxif+wA/ljFv9B+WMW/2Hyxyz+w+aPWfwH549Z/IfLH7P4D58/ZvEfIX/M4j9i/pjFf6T8MYv/yPljFv9R8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/0/lj1n8x8kfs/iPmz9m8f90/pjFf7z8MYv/+PljFv/P5I9Z/CfIH7P4fzZ/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/D+XP2bxnyx/zOI/ef6YxX+K/DGL/5T5Yxb/qfLHLP6fzx+z+E+dP2bx/0L+mMX/i/ljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv9p8scs/tPmj1n8p8sfs/hPnz9m8Z8hf8ziP2P+mMX/a/ljFv+Z8scs/jPnj1n8Z8kfs/jPmj9m8f96/pjFf7b8MYv/N/LHLP7fzB+z+M+eP2bx/1b+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/b+ePWfy/kz9m8V8of8zi/938MYv/wvljFv/v5Y9Z/L+fP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP5L5o9Z/H+QP2bxXyp/zOL/w/wxi/+P8scs/kvnj1n8l8kfs/gvmz9m8V8uf8zi/+P8MYv/8vljFv8V8scs/j/JH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/qvnj1n8f5o/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/uvmj1n8f5Y/ZvFfL3/M4r9+/pjFf4P8MYv/z/PHLP4b5o9Z/H+RP2bx3yh/zOK/cf6YxX+T/DGL/y/zxyz+v8ofs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/6/wxi/9v8scs/tvnj1n8d8gfs/jvmD9m8d8pf8zi/9v8MYv/7/LHLP6/zx+z+O+cP2bx3yV/zOL/h/wxi/8f88cs/rvmj1n8/5Q/ZvHfLX/M4r97/pjFf4/8MYv/n/PHLP5/yR+z+O+ZP2bx3yt/zOK/d/6YxX+f/DGL/775Yxb//fLHLP77549Z/A/IH7P4H5g/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+P81f8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf8zi/2b+mMX/rfwxi//b+WMW/3fyxyT+gwfyxyz+g/LHLP7D5I9Z/IfNH7P4D84fs/gPlz9m8R8+f8ziP0L+mMV/xPwxi/9I+WMW/5Hzxyz+o+SPWfxHzR+z+I+WP2bxHz1/zOI/Rv6YxX/M/DGL/1j5Yxb/sfPHLP6fyh+z+I+TP2bxHzd/zOL/6fwxi/94+WMW//Hzxyz+n8kfs/hPkD9m8f9s/pjFf8L8MYv/RPljFv+J88cs/pPkj1n8J80fs/h/Ln/M4j9Z/pjFf/L8MYv/FPljFv8p88cs/lPlj1n8P58/ZvGfOn/M4v+F/DGL/xfzxyz+X8ofs/h/OX/M4v+V/DGL/1fzxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/9fyxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOL/9fwxi/9s+WMW/2/kj1n8v5k/ZvGfPX/M4v+t/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv8F88cs/t/OH7P4fyd/zOK/UP6Yxf+7+WMW/4Xzxyz+38sfs/h/P3/M4r9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8l8wfs/j/IH/M4r9U/pjF/4f5Yxb/H+WPWfyXzh+z+C+TP2bxXzZ/zOK/XP6Yxf/H+WMW/+Xzxyz+K+SPWfx/kj9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+P80f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+P8sf8ziv17+mMV//fwxi/8G+WMW/5/nj1n8N8wfs/j/In/M4r9R/pjFf+P8MYv/JvljFv9f5o9Z/H+VP2bx3zR/zOK/Wf6YxX/z/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/9f5Yxb/3+SPWfy3zx+z+O+QP2bx3zF/zOK/U/6Yxf+3+WMW/9/lj1n8f58/ZvHfOX/M4r9L/pjF/w/5Yxb/P+aPWfx3zR+z+P8pf8ziv1v+mMV/9/wxi/8e+WMW/z/nj1n8/5I/ZvHfM3/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/gfkD9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvH/a/6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6Yxf/N/DGL/1v5Yxb/t/PHLP7v5I9J/IcbyB+z+A/KH7P4D5M/ZvEfNn/M4j84f8ziP1z+mMV/+Pwxi/8I+WMW/xHzxyz+I+WPWfxHzh+z+I+SP2bxHzV/zOI/Wv6YxX/0/DGL/xj5Yxb/MfPHLP5j5Y9Z/MfOH7P4fyp/zOI/Tv6YxX/c/DGL/6fzxyz+4+WPWfzHzx+z+H8mf8ziP0H+mMX/s/ljFv8J88cs/hPlj1n8J84fs/hPkj9m8Z80f8zi/7n8MYv/ZPljFv/J88cs/lPkj1n8p8wfs/hPlT9m8f98/pjFf+r8MYv/F/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/GfPHLP5fyx+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/9fzxyz+s+WPWfy/kT9m8f9m/pjFf/b8MYv/t/LHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/gvkj1n8F8wfs/h/O3/M4v+d/DGL/0L5Yxb/7+aPWfwXzh+z+H8vf8zi//38MYv/IvljFv9F88cs/ovlj1n8F88fs/gvkT9m8V8yf8zi/4P8MYv/UvljFv8f5o9Z/H+UP2bxXzp/zOK/TP6YxX/Z/DGL/3L5Yxb/H+ePWfyXzx+z+K+QP2bx/0n+mMV/xfwxi/9K+WMW/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf9v8MYv/dvljFv9f549Z/H+TP2bx3z5/zOK/Q/6YxX/H/DGL/075Yxb/3+aPWfx/lz9m8f99/pjFf+f8MYv/LvljFv8/5I9Z/P+YP2bx3zV/zOL/p/wxi/9u+WMW/93zxyz+e+SPWfz/nD9m8f9L/pjFf8/8MYv/XvljFv+988cs/vvkj1n8980fs/jvlz9m8d8/f8zif0D+mMX/wPwxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/6/5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzxyz+L+WPWfxfzh+z+L+SP2bxfzV/zOL/Wv6Yxf/1/DGL/xv5Yxb/N/PHLP5v5Y9Z/N/OH7P4v5M/JvEffiB/zOI/KH/M4j9M/pjFf9j8MYv/4Pwxi/9w+WMW/+Hzxyz+I+SPWfxHzB+z+I+UP2bxHzl/zOI/Sv6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4v+p/DGL/zj5Yxb/cfPHLP6fzh+z+I+XP2bxHz9/zOL/mfwxi/8E+WMW/8/mj1n8J8wfs/hPlD9m8Z84f8ziP0n+mMV/0vwxi//n8scs/pPlj1n8J88fs/hPkT9m8Z8yf8ziP1X+mMX/8/ljFv+p88cs/l/IH7P4fzF/zOL/pfwxi/+X88cs/l/JH7P4fzV/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/GfMH7P4fy1/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP5fzx+z+M+WP2bx/0b+mMX/m/ljFv/Z88cs/t/KH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8V8wf8zi/+38MYv/d/LHLP4L5Y9Z/L+bP2bxXzh/zOL/vfwxi//388cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMV/yfwxi/8P8scs/kvlj1n8f5g/ZvH/Uf6YxX/p/LH/UP9BH7Iefpn8sf9Q/3f7++1/2fwxi/9y+WMW/x/nj1n8l88fs/ivkD9m8f9J/pjFf8X8sUEXDRo6M//Z/ivlj1m2/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf9v8MYv/dvljFv9f549Z/H+TP2bx3z5/zOK/Q/6YxX/H/DGL/075Yxb/3+aPWfx/lz9m8f99/pjFf+f8MYv/LvljFv8/5I9Z/P+YP2bx3zV/zOL/p/wxi/9u+WMW/93zxyz+e+SPWfz/nD9m8f9L/pjFf8/8MYv/XvljFv+988cs/vvkj1n8980fs/jvlz9m8d8/f8zif0D+mMX/wPwxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/6/5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzHxgJLrP4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljFv/X88cs/m/kj1n838wfs/i/lT9m8X87f8zi/07+mMR/hIH8MYv/oPwxi/8w+WMW/2Hzxyz+g/PHLP7D5Y9Z/IfPH7P4j5A/ZvEfMX/M4j9S/pjFf+T8MYv/KPljFv9R88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+QxvxH85Z/MfOH7P4fyp/zOI/Tv6YxX/c/DGL/6fzxyz+4+WPWfzHzx+z+H8mf8ziP0H+mMX/s/ljFv8J88cs/hPlj1n8J84fs/hPkj9m8Z80f8zi/7n8MYv/ZPljFv/J88cs/lPkj1n8p8wfs/hPlT9m8f98/pjFf+r8MYv/F/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/GfPHLP5fyx+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/9fzxyz+s+WPWfy/kT9m8f9m/pjFf/b8MYv/t/LHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/gvkj1n8F8wfs/h/O3/M4v+d/DGL/0L5Yxb/7+aPWfwXzh+z+H8vf8zi//38MYv/IvljFv9F88cs/ovlj1n8F88fs/gvkT9m8V8yf8zi/4P8MYv/UvljFv8f5o9Z/H+UP2bxXzp/zOK/TP6YxX/Z/DGL/3L5Yxb/H+ePWfyXzx+z+K+QP2bx/0n+mMV/xfwxi/9K+WMW/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf1v0b42w+G+XNmbx/3X+mMX/N/ljFv/t88cs/jvkj1n8d3zP/613Pqlx/Ztm8d+p7R+z+P82f8zi/7v8MYv/7/PHLP47549Z/HfJH7P4/yF/zOL/x/wxi/+u+WMW/z/lj1n8d8sfs/jvnj9m8d8jf8zi/+f8MYv/X/LHLP575o9Z/PfKH7P4750/ZvHfJ3/M4r9v/pjFf7/8MYv//vljFv8D8scs/gfmj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5/zR+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxi/+r+WMW/9fyxyz+r+ePWfzfyB+z+L+ZP2bxfyt/zOL/dv6Yxf+d/DGJ/4gD+WMW/0H5Yxb/YfLHLP7D5o9Z/Afnj1n8h8sfs/gPnz9m8R8hf8ziP2L+mMV/pPwxi//I+WMW/1Hyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/T+WPWfzHyR+z+I+bP2bx/3T+mMV/vPwxi//4+WMW/8/kj1n8J8gfs/h/Nn/M4j9h/pjFf6L8MYv/xPljFv9J8scs/pPmj1n8P5c/ZvGfLH/M4j95/pjFf4r8MYv/lPljFv+p8scs/p/PH7P4T50/ZvH/Qv6Yxf+L+WMW/y/lj1n8v5w/ZvH/Sv6Yxf+r+WMW/2nyxyz+0+aPWfynyx+z+E+fP2bxnyF/zOI/Y/6Yxf9r+WMW/5nyxyz+M+ePWfxnyR+z+M+aP2bx/3r+mMV/tvwxi/838scs/t/MH7P4z54/ZvH/Vv6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjFf4H8MYv/gvljFv9v549Z/L+TP2bxXyh/zOL/3fwxi//C+WMW/+/lj1n8v58/ZvFfJH/M4r9o/pjFf7H8MYv/4vljFv8l8scs/kvmj1n8f5A/ZvFfKn/M4v/D/DGL/4/yxyz+S+ePWfyXyR+z+C+bP2bxXy5/zOL/4/wxi//y+WMW/xXyxyz+P8kfs/ivmD9m8V8pf8ziv3L+mMV/lfwxi/+q+WMW/9Xyxyz+q+ePWfx/mj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfx/lj9m8V8vf8ziv37+mMV/g/wxi//P88cs/hvmj1n8f5E/ZvHfKH/M4r9x/pjFf5P8MYv/L/PHLP6/yh+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/r/DGL/2/yxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/2/wxi//v8scs/r/PH7P475w/ZvHfJX/M4v+H/DGL/x/zxyz+u+aPWfz/lD9m8d8tf8ziv3v+mMV/j/wxi/+f88cs/n/JH7P475k/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8D8gfs/gfmD9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4/zV/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYP/oMEDIz6dP2bwH7L9P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/ljFv8X88cs/i/lj1n8X84fs/i/kj9m8X81f8zi/1r+mMX/9fwxi/8b+WMW/zfzxyz+b+WPWfzfzh+z+L+TPybxH2kgf8ziPyh/zOI/TP6YxX/Y/DGL/+D8MYv/cPljFv/h88cs/iPkj1n8R8wfs/iPlD9m8R85f8ziP0r+mMV/1Pwxi/9o+WMW/9Hzxyz+Y+SPWfzHzB+z+I+VP2bxHzt/zOL/qfwxi/84+WMW/3Hzxyz+n84fs/iPlz9m8R8/f8zi/5n8MYv/BPljFv/P5o9Z/CfMH7P4T5Q/ZvGfOH/M4j9J/pjFf9L8MYv/5/LHLP6T5Y9Z/CfPH7P4T5E/ZvGfMn/M4j9V/pjF//P5Yxb/qfPHLP5fyB+z+H8xf8zi/6X8MYv/l/PHLP5fyR+z+H81f8ziP03+mMV/2oGBzT+pIf07Z/Gfru0fs/hPnz9m8Z8hf8ziP2P+mMX/a/ljFv+Z8scs/jPnj1n8Z8kfs/jPmj9m8f96/pjFf7b8MYv/N/LHLP7fzB+z+M+eP2bx/1b+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/b+ePWfy/kz9m8V8of8zi/938MYv/wvljFv/v5Y9Z/L+fP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP5L5o9Z/H+QP2bxXyp/zOL/w/wxi/+P8scs/kvnj1n8l8kfs/gvmz9m8V8uf8zi/+P8MYv/8vljFv8V8scs/j/JH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/qvnj1n8f5o/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/uvmj1n8f5Y/ZvFfL3/M4r9+/pjFf4P8MYv/z/PHLP4b5o9Z/H+RP2bx3yh/zOK/cf6YxX+T/DGL/y/zxyz+v8ofs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/6/wxi/9v8scs/tvnj1n8d8gfs/jvmD9m8d8pf8zi/9v8MYv/7/LHLP6/zx+z+O+cP2bx3yV/zOL/h/wxi/8f88cs/rvmj1n8/5Q/ZvHfLX/M4r97/pjFf4/8MYv/n/PHLP5/yR+z+O+ZP2bx3yt/zOK/d/6YxX+f/DGL/775Yxb//fLHLP77549Z/A/IH7P4H5g/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+P81f8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf8zi/2b+mMX/rfwxi//b+WMW/3fyxyT+Iw/kj1n8B+WPWfyHyR+z+A+bP2bxH5w/ZvEfLn/M4j98/pjFf4T8MYv/iPljFv+R8scs/iPnj1n8R8kfs/iPmj9m8R8tf8ziP3r+mMV/jPwxi/+Y+WMW/7Hyxyz+Y+ePWfw/lT9m8R8nf8ziP27+mMX/0/ljFv/x8scs/uPnj1n8P5M/ZvGfIH/M4v/Z/DGL/4T5Yxb/ifLHLP4T549Z/CfJH7P4T5o/ZvH/XP6YxX+y/DGL/+T5Yxb/KfLHLP5T5o9Z/KfKH7P4fz5/zOI/df6Yxf8L+WMW/y/mj1n8v5Q/ZvH/cv6Yxf8r+WMW/6/mj1n8p8kfs/hPmz9m8Z8uf8ziP33+mMV/hvwxi/+M+WMW/6/lj1n8Z8ofs/jPnD9m8Z8lf8ziP2v+mMX/6/ljFv/Z8scs/t/IH7P4fzN/zOI/e/6Yxf9b+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/L+dP2bx/07+mMV/ofwxi/9388cs/gvnj1n8v5c/ZvH/fv6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4L5k/ZvH/Qf6YxX+p/DGL/w/zxyz+P8ofs/gvnT9m8V8mf8ziv2z+mMV/ufwxi/+P88cs/svnj1n8V8gfs/j/JH/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/ivnj9m8f9p/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8f9Z/pjFf738MYv/+vljFv8N8scs/j/PH7P4b5g/ZvH/Rf6YxX+j/DGL/8b5Yxb/TfLHLP6/zB+z+P8qf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/6/zxyz+v8kfs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/9v88cs/r/LH7P4/z5/zOK/c/6YxX+X/DGL/x/yxyz+f8wfs/jvmj9m8f9T/pjFf7f8MYv/7vljFv898scs/n/OH7P4/yV/zOK/Z/6YxX+v/DGL/975Yxb/ffLHLP775o9Z/PfLH7P4758/ZvE/IH/M4n9g/pjF/6D8MYv/wfljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvE/I3/M4n9m/pjF/6z8MYv/2fljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zif2H+mMX/ovwxi//F+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOL/1/wxi/+V+WMW/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfs/i/mj9m8X8tf8zi/3r+mMX/jfwxi/+b+WMW/7fyxyz+b+ePWfzfyR+T+I8ykD9m8R+UP2bxHyZ/zOI/bP6YxX9w/pjFf7j8MYv/8PljFv8R8scs/iPmj1n8R8ofs/iPnD9m8R8lf8ziP2r+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bx/1T+mMV/nPwxi/+4+WMW/0/nj1n8x8sfs/iPnz9m8f9M/pjFf4L8MYv/Z/PHLP4T5o9Z/CfKH7P4T5w/ZvGfJH/M4j9p/pjF/3P5Yxb/yfLHLP6T549Z/KfIH7P4T5k/ZvGfKn/M4v/5/DGL/9T5Yxb/L+SPWfy/mD9m8f9S/pjF/8v5Yxb/r+SPWfy/mj9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+M+aPWfy/lj9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/6/nj1n8Z8sfs/h/I3/M4v/N/DGL/+z5Yxb/b+WPWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/BfIH7P4L5g/ZvH/dv6Yxf87+WMW/4Xyxyz+380fs/gvnD9m8f9e/pjF//v5Yxb/RfLHLP6L5o9Z/BfLH7P4L54/ZvFfIn/M4r9k/pjF/wf5Yxb/pfLHLP4/zB+z+P8of8ziv3T+mMV/mfwxi/+y+WMW/+Xyxyz+P84fs/gvnz9m8V8hf8zi/5P8MYv/ivljFv+V8scs/ivnj1n8V8kfs/ivmj9m8V8tf8ziv3r+mMX/p/ljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8ziv27+mMX/Z/ljFv/18scs/uvnj1n8N8gfs/j/PH/M4r9h/pjF/xf5Yxb/jfLHLP4b549Z/DfJH7P4/zJ/zOL/q/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/7fLHLP6/zh+z+P8mf8ziv33+mMV/h/wxi/+O+WMW/53yxyz+v80fs/j/Ln/M4v/7/DGL/875Yxb/XfLHLP5/yB+z+P8xf8ziv2v+mMX/T/ljFv/d8scs/rvnj1n898gfs/j/OX/M4v+X/DGL/575Yxb/vfLHLP57549Z/PfJH7P475s/ZvHfL3/M4r9//pjF/4D8MYv/gfljFv+D8scs/gfnj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/mflj7/sPjDgw8J/sf1b+mGX7Pzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8/5o/ZvG/Mn/M4n9V/pjF/+r8MYv/NfljFv9r88cs/tflj1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/ljzn8k/+oHP4DozzRWoBZ/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+z+L+VP2bxfzt/zOL/Tv6YxH/Ugfwxi/+g/DGL/zD5Yxb/YfPHLP6D88cs/sPlj1n8h88fs/iPkD9m8R8xf8ziP1L+mMV/5Pwxi/8o+WMW/1Hzxyz+o+WPWfxHzx+z+I+RP2bxHzN/zOI/Vv6YxX/s/DGL/6fyxyz+4+SPWfzHzR+z+H86f8ziP17+mMV//Pwxi/9n8scs/hPkj1n8P5s/ZvGfMH/M4j9R/pjFf+L8MYv/JPljFv9J88cs/p/LH7P4T5Y/ZvGfPH/M4j9F/pjFf8r8MYv/VPljFv/P549Z/KfOH7P4fyF/zOL/xfwxi/+X8scs/l/OH7P4fyV/zOL/1fwxi/80+WMW/2nzxyz+0+WPWfynzx+z+M+QP2bxnzF/zOL/tfwxi/9M+WMW/5nzxyz+s+SPWfxnzR+z+H89f8ziP1v+mMX/G/ljFv9v5o9Z/GfPH7P4fyt/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4r9A/pjFf8H8MYv/t/PHLP7fyR+z+C+UP2bx/27+mMV/4fwxi//38scs/t/PH7P4L5I/ZvFfNH/M4r9Y/pjFf/H8MYv/EvljFv8l88cs/j/IH7P4L5U/ZvH/Yf6Yxf9H+WMW/6Xzxyz+y+SPWfyXzR+z+C+XP2bx/3H+mMV/+fwxi/8K+WMW/5/kj1n8V8wfs/ivZPT/F+6wxX9lo/+/kMV/lfwxi/+q+WMW/9Xyxyz+q+ePWfx/mj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfx/lj9m8V8vf8ziv37+mMV/g/wxi//P88cs/hvmj1n8f5E/ZvHfKH/M4r9x/pjFf5P8MYv/L/PHLP6/yh+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/r/DGL/2/yxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/2/wxi//v8scs/r/PH7P475w/ZvHfJX/M4v+H/DGL/x/zxyz+u+aPWfz/lD9m8d8tf8ziv3v+mMV/j/wxi/+f88cs/n/JH7P475k/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8D8gfs/gfmD9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4/zV/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+z+L+eP2bxfyN/zOL/Zv6Yxf+t/DGL/9v5Yxb/d/LHJP6jDeSPWfwH5Y9Z/IfJH7P4D5s/ZvEfnD9m8R8uf8ziP3z+mMV/hPwxi/+I+WMW/5Hyxyz+I+ePWfxHyR+z+I+aP2bxHy1/zOI/ev6YxX+M/DGL/5j5Yxb/sfLHLP5j549Z/D+VP2bxHyd/zOI/bv6Yxf/T+WMW//Hyxyz+4+ePWfw/kz9m8Z8gf8zi/9n8MYv/hPljFv+J8scs/hPnj1n8J8kfs/hPmj9m8f9c/pjFf7L8MYv/5PljFv8p8scs/lPmj1n8p8ofs/h/Pn/M4j91/pjF/wv5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfynyR+z+E+bP2bxny5/zOI/ff6YxX+G/DGL/4z5Yxb/r+WPWfxnyh+z+M+cP2bxnyV/7B/8h1425ic8pv9PfYT/rPljlu3/6/ljFv/Z8scs/t/IH7P4fzN/zOI/e/6Yxf9b+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/L+dP2bx/07+mMV/ofwxi/9388cs/gvnj1n8v5c/ZvH/fv6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4L5k/ZvH/Qf6YxX+p/DGL/w/zxyz+P8ofs/gvnT9m8V8mf8ziv2z+mMV/ufwxi/+P88cs/svnj1n8V8gfs/j/JH/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/ivnj9m8f9p/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8f9Z/pjFf738MYv/+vljFv8N8scs/j/PH7P4b5g/ZvH/Rf6YxX+j/DGL/8b5Yxb/TfLHLP6/zB+z+P8qf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/6/zxyz+v8kfs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/9v88cs/r/LH7P4/z5/zOK/c/6YxX+X/LH/VP8RP+T/h/yx/1T/gQ/5/zF/zOK/a/6Yxf9P+WMW/93yxyz+u+ePWfz3yB+z+P85f8zi/5f8MYv/nvljFv+98scs/nvnj1n898kfs/jvmz9m8d8vf8ziv3/+mMX/gPwxi/+B+WMW/4Pyxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL/4X5Yxb/i/LHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/X/PHLP5X5o9Z/K/KH7P4X50/ZvG/Jn/M4n9t/pjF/7r8MYv/9fljFv8b8scs/jfmj1n8b8ofs/jfnD9m8b8lf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+d+aPWfzvyh+z+N+dP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP4P5o9Z/B/KH7P4P5w/ZvF/5MP+W/wvj+vfNIv/o23/mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljFv838scs/m/mj1n838ofs/i/nT9m8X8nf0ziP/pA/pjFf1D+mMV/mPwxi/+w+WMW/8H5Yxb/4fLHLP7D549Z/EfIH7P4j5g/ZvEfKX/M4j9y/pjFf5T8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMX/U/ljFv9x8scs/uPmj1n8P50/ZvEfL3/M4j9+/pjF/zP5Yxb/CfLHLP6fzR+z+E+YP2bxnyh/zOI/cf6YxX+S/DGL/6T5Yxb/z+WPWfwnyx+z+E+eP2bxnyJ/zOI/Zf6YxX+q/DGL/+fzxyz+U+ePWfy/kD9m8f9i/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9a/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v54/ZvGfLX/M4v+N/DGL/zfzxyz+s+ePWfy/lT9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6Yxf/b+WMW/+/kj1n8F8ofs/h/N3/M4r9w/pjF/3v5Yxb/7+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL/5L5Yxb/H+SPWfyXyh+z+P8wf8zi/6P8MYv/0vljFv9l8scs/svmj1n8l8sfs/j/OH/M4r98/pjFf4X8MYv/T/LHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv+f5o9Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv+f5Y9Z/NfLH7P4r58/ZvHfIH/M4v/z/DGL/4b5Yxb/X+SPWfw3yh+z+G+cP2bx3yR/zOL/y/wxi/+v8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy3yx+z+P86f8zi/5v8MYv/9vljFv8d8scs/jvmj1n8d8ofs/j/Nn/M4v+7/DGL/+/zxyz+O+ePWfx3yR+z+P8hf8zi/8f8MYv/rvljFv8/5Y9Z/HfLH7P4754/ZvHfI3/M4v/n/DGL/1/yxyz+e+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+f80fs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT9m8X8rf8zi/3b+mMX/nfwxif8YA/ljFv9B+WMW/2Hyxyz+w+aPWfwH549Z/IfLH7P4D58/ZvEfIX/M4j9i/pjFf6T8MYv/yPljFv9R8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/0/lj1n8x8kfs/iPmz9m8f90/pjFf7z8MYv/+PljFv/P5I9Z/CfIH7P4fzZ/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/D+X//+PnbsP97qu7zj+454sZ592Xeo122UXGnNtRiKjUQtRUTzenDLRzHuEw01yIzcSYApstFLHpkvdLNjEwjFnq5Y43Fx3KxqWNVsjtlY5xbUwxhwsMmfsOnAOwdnbc+182ffr8v14/ME5v9/x/Ut5Xi9/Py+uq1CW/sP0D2Xpf5z+oSz9j9c/lKX/a/UPZek/XP9Qlv6/oH8oS/8T9A9l6f+L+oey9H+d/qEs/X9J/1CW/r+sfyhL/xP1D2Xp/3r9Q1n6j9A/lKX/G/QPZel/kv6hLP1H6h/K0v9k/UNZ+o/SP5Sl/6/oH8rSf7T+oSz936h/KEv/X9U/lKX/GP1DWfq/Sf9Qlv5v1j+Upf+v6R/K0v8t+oey9B+rfyhL/1P0D2XpP07/UJb+p+ofytL/NP1DWfqfrn8oS//x+oey9D9D/1CW/mfqH8rSf4L+oSz9z9I/lKV/m/6hLP3P1j+Upf85+oey9D9X/1CW/ufpH8rSv13/UJb+b9U/lKX/2/QPZel/vv6hLP3frn8oS/8L9A9l6T9R/1CW/hfqH8rS/yL9Q1n6v0P/UJb+F+sfytL/nfqHsvS/RP9Qlv6X6h/K0v8y/UNZ+l+ufyhL/yv0D2Xpf6X+oSz9r9I/lKX/JP1DWfpfrX8oS//J+oey9J+ifyhL/w79Q1n6T9U/lKX/NP1DWfpP1z+Upf8M/UNZ+r9L/1CW/tfoH8rSf6b+oSz9Z+kfytJ/tv6hLP3n6B/K0v9a/UNZ+s/VP5Sl/zz9Q1n6z9c/lKX/Av1DWfpfp38oS/+F+oey9H+3/qEs/RfpH8rSf7H+oSz9l+gfytL/ev1DWfq/R/9Qlv436B/K0v9G/UNZ+i/VP5Sl/zL9Q1n6L9c/lKX/r+sfytL/N/QPZem/Qv9Qlv7v1T+Upf9v6h/K0v99+oey9H+//qEs/W/SP5Sl/836h7L0v0X/UJb+v6V/KEv/lfqHsvT/bf1DWfr/jv6hLP1v1T+Upf9t+oey9P9d/UNZ+n9A/1CW/rfrH8rS/w79Q1n636l/KEv/39M/lKX/7+sfytL/Lv1DWfp/UP9Qlv4f0j+Upf8q/UNZ+q/WP5Sl/x/oH8rS/w/1D2Xpf7f+oSz91+gfytL/Hv1DWfp/WP9Qlv4f0T+Upf9a/UNZ+t+rfyhL/z/SP5Sl/zr9Q1n6/7H+oSz979M/lKX/n+gfytL/fv1DWfp/VP9Qlv5/qn8oS/+P6R/K0v/j+oey9P+E/qEs/f9M/1CW/p/UP5Sl/wP6h7L0X69/KEv/B/UPZen/5/qHsvTfoH8oS/+H9A9l6f8X+oey9P9L/UNZ+j+sfyhL/7/SP5Sl/6f0D2Xp/2n9Q1n6f0b/UJb+n9U/lKX/5/QPZen/1/qHsvT/vP6hLP2/oH8oS/+N+oey9P+i/qEs/f9G/1CW/pv0D2Xp/4j+oSz9v6R/KEv/L+sfytL/Uf1DWfp/Rf9Qlv5f1T+Upf/f6h/K0v8x/UNZ+n9N/1CW/n+nfyhL/6/rH8rS/+/1D2Xpv1n/UJb+39A/lKX/Fv1DWfr/g/6hLP3/Uf9Qlv7f1D+Upf8/6R/K0v9b+oey9P+2/qEs/b+jfyhL/8f1D2Xp/8/6h7L0f0L/UJb+T+ofytJ/q/6hLP2f0j+Upf+/6B/K0v+7+oey9P9X/UNZ+n9P/1CW/tv0D2Xp/7T+oSz9v69/KEv/7fqHsvT/N/1DWfrv0D+Upf+/6x/K0v8Z/UNZ+v+H/qEs/XfqH8rSf5f+oSz9/1P/UJb+P9A/lKX/bv1DWfr/UP9Qlv7P6h/K0v9H+oey9H9O/1CW/v+lfyhL/+f1D2Xp/2P9Q1n679E/lKT/K1v6h7L076d/KEv//vqHsvQfoH8oS/+B+oey9B+kfyhL/8H6h7L0H6J/KEv/ofqHsvR/mf6hLP0P0z+Upf/L9Q9l6f8K/UNZ+h+ufyhL/5/RP5Sl/xH6h15y/QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6/mb94yTWTZs7smOcb3/jGN/u/ebH/zQQAAPxf+8mH/hf77wQAAAAAAAAAAAAAAAAAAADyauL/TuzF/mcEAAAAAAAAAAAAAICfdm3tp24f0O+gpwYc+ODnH+3Y+3XU7ounr137YOn+2vXjc4KX7H/ggz179uxZ/czY8V0Ph7Rarc7/tVd2PR7a87jz9Zcdu+rofY/KuM/f+fgVEw8/d9762wZ+Y/Ut7U8P2vvsoNZVU2fM7HhD/1arnD6otajzwUn9Wq1y5qDWrZ0PRnY+mDCota7zwcl7H7ys9ZnOB6+fPGfmlM4nzqr8ewYvFW3ty1oDDlps66B/Gxy4/2XHPjG9+2svL9n9agNbXfsftv5LR/X4WbcX2H/365dTe+6/z/+AwAvq2/6f3dL9tZeX/B/v/x/etHtJ9LMX3n/365fT7B/qE3z+P2ijPT/39/j8/5rgJfffnzJ00+2d+2+78L5Xdz018H/z+f8nr19O77n//gd9/u/8HD+++/P/kFarnHGIvx2QSlv78u29vf/3vv+BP9fjpt+B+7/nK1tf0bn/e59rreh6alAf9z++t/f/m3r8vQJ909a+Zk+P9/8+7L81PHjJ/fvftv7wvZ//t94/+cgDftaX/Z/Rc/8jFsy6dsT8xUtOnDFr0rSOaR2zx4wcfdKoMWNGjx6x9xPBvl8P8TcFkji09//WYT1u+rVaHfvvN953y/jO/e94aMVHup4a2sf9n9nr+/9rvP9DaFj/1uDBrUWTFiyYd9K+X7sfjtz3676/LNh/H/77/7gTuv6y7j8z7NdqHb3/fvgVY4Z07v/6uWVD11OD+7j/Cb3uf9zBf1YJ9M0hvv9P6XFz0P5P2Xbjws79H/+DV23teqqv//1/Vq/7v9v7PxyKtvZWrW+infs/ecjys6tdlzZ//gf1aWL/x+68dVe163K2/UN9mtj/xJVvvrradTnH/qE+Tez/wVlXrqx2Xc61f6hPE/t//md3HVPtupxn/1CfJvb/2HefWlvturTbP9Snif1/8K72k6tdl7faP9Snif2feN0Px1a7Lm+zf6hPE/uf+vIL1lW7LufbP9Snif2fvee0I6tdl7fbP9Snif33W/69ZdWuywX2D/VpYv9PTlo5p9p1mWj/UJ8m9r/u2OHPVrsuF9o/1KeJ/a94+o0Tql2Xi+wf6tPE/r96x6rHql2Xd9g/1KeJ/X/isletqnZdLrZ/qE8T+//RsIcOq3Zd3mn/UJ8m9r9587oHql2XS+wf6tPE/levGzCs2nW51P6hPk3sf+lZ0x6tdl0us3+oTxP7HzX6y5dWuy6X2z/Up4n9H/25bz1V7bpcYf9Qnyb2f8HDC+dXuy5X2j/Up4n9Lzzm4z+udl2usn+oTxP7f0vHMdOrXZdJ9g/1aWL/5bbDNle7LlfbP9Snif1fsmPNuGrXZbL9Q32a2P+GI77wsWrXZYr9Q32a2P/OubPHVLsuHfYP9Wli/99579L3VbsuU+0f6tPE/m9/7uul2nWZZv9Qnyb2v23kJZdVuy7T7R/q08T+15z7zCPVrssM+4f6NLH/lRseX1DturzL/qE+Tex/48Zznqh2Xa6xf6hPE/s/fviIw6tdl5n2D/VpYv9zLl7xoWrXZZb9Q32a2P/p99/x2mrXZbb9Q32a2P/Qr439ZLXrMsf+oT5N7P/TY9//qWrX5Vr7h/o0sf9d4447odp1mWv/UJ8m9r/lgZF3Vrsu8+wf6tPE/j/wyF0Vr8t8+4f6NLH/ua97fke167LA/qE+Tez/TRMvWlztulxn/1CfJvZ/5N0Tvljtuiy0f6hPE/u//NvfP7/adXm3/UN9mtj/cUdd/epq12WR/UN9mtj/9Bmbbq52XRbbP9Snif2PX71lVLXrssT+oT5N7P+IJ+ffU+26XG//UJ8m9r99wFHnVbsu77F/qE8T+7/3hoe/We263GD/UJ8m9n/zTR/tqHZdbrR/qE8T+//s7sE7q12XpfYPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/zQ4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAPHAgAAAADC/K2D6N0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICjAAAA//8mu+jL")
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x7)
faccessat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2)

3.731588498s ago: executing program 4 (id=2329):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f0000000040)='./file0\x00', 0xa1080a, &(0x7f0000000340)=ANY=[@ANYBLOB='dmask=00000000000000000002621,utf8,umask=00000000000000000200000,namecase=1,discard,errors=remount-ro,umask=00000000000000000200004,umask=00000000000000000003377,namecase=1,utf8,iocharset=iso8859-4,allow_utime=00000000000000000000011,dmask=01777777777777777777770,errors=remount-ro,uid=', @ANYRES8, @ANYRES16, @ANYRESDEC, @ANYRES16=0x0, @ANYRES8=0x0, @ANYRES16=0x0, @ANYRES32=0x0, @ANYRES64, @ANYRES32, @ANYRESDEC], 0x21, 0x1508, &(0x7f0000001f80)="$eJzs3AvUjdX2MPA511oPL0k7yeVlzTUfdrxYJEkuSXJJkuRIkltCkiRJUrnfkpCE3JPcQ3ILyf1+yz1JjiRJQkKS9Q3n6FTnnO/rf/7//sMY3zt/Y6yx19zPnmuvtec79n7W8469v+kwqEq9qhXrMDP8j+Dfb7oCQAoA9AWAawAgAoCS2Upmu3Q8k8au/7MnEX+uB6Ze6RmIK0nqn75J/dM3qX/6JvVP36T+6ZvUP32T+qdvUn8h0rOt03JfKy39Nrn+n57J5///Rw4XHf3F+qLXd/wPUqT+6ZvUP32T+qdvUv/0KcPlW6l/+ib1T9+k/umb1F+I9Oy/f+34P801AHDlr3dL+3270n9/QgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHSh3PhVwYAfulf6XkJIYQQQgghhBDizxMyXukZCCGEEEIIIYQQ4n8fggINBiLIABkhBTJBZrgKssDVkBWugQRcC9ngOsgO10MOyAm5IDekQh7ICxYIHDDEkA/yQxJugAJQENKgEBSGIuChKBSDG6E43AQl4GYoCbdAKbgVSkMZKAvl4DYoD7dDBbgDKsKdUAkqQxWoCndBNbgbqsM9UAPuhZpwH9SC+6E2/AXqwANQFx6EevAQ1IeHoQE0hEbQGJr8t/JfgBfhJegMXaArdIPu0AN6Qi/oDX2gL7wM/SDl8mszEAbBazAYXoch8AYMhWEwHN6EETASRsFoGANjYRy8BePhbZgA78BEmASTYQpMhWkwHd6FGTATZsF7MBvehzkwF+bBfFgAH8BCWASL4UNYAh/BUlgGy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW+Bi2wXbYATthF+yGPfAJ7IVPYR98Bvvh8/8w/+w/5XdEQECFCg0azIAZMAVTMDNmxiyYBbNiVkxgArNhNsyO2TEH5iiYC3NhKqZiXsyLhISMjPkwHyYxiQWwAKZhGhbGwujRYzEshsXxJiyBJbAklsRSWApLYxksg+WwHJbH8lgBK2BFrIiVsBJWwSp4F96Fd2N1rI41sAbWxJpYC2vh4Ty1sQ7WwbpYF+thPayP9bEBNsBG2AibYBNsik2xGTbDFtgCW2JLbIWtsDW2xjbYBttiW2yH7bA9tscO2AE74vP4PL6AL+BL+BJ2wUqqG3bH7tgTe2Jv7IN98GXsh6/gK/gqDsCBOAhfw9fwdRyCZ3AoDsPhOBzLq5E4Ckcjq7E4DsfheByPE3ACTsRJOAmn4FSchtNxOs7AmTgT38PZ+D6+j3NxLs7HBbgAF+IiXIyLcQmexaW4DJfjClyJq3AlrsG1uAbX4wZcj5twE27BLfgxfozbcTvuxJ24Gw0AfoKf4qc4APfjfjyAB/AgHsRDeAgP42E8gkfwKB7FY3gMj+NxPIEn8RSexNN4Gs/gWTyH5/A8nscL+GzqV3V3F1o3ANQlRhmVQWVQKSpFZVaZVRaVRWVVWVVCJVQ2lU1lV9lVDpVD5VK5VKpKVXnVj4oUKVaxyqfyqaRKqgKqgEpTaaqwKqy88qqYKqaKq+KqhCqhSqpbVCl1qyqtyqjmvpwqp8qrFr6CukNVVBVVJVVZVVFVVVVVTVVT1VV1VUPVUDVVTVVL3a9qq27YGx9QlypTTw3E+moQNlANVSPVWL2Oj6imagg2U81VC/WYGoZDsZVq6lurJ1UbNQrbqqfVaHxGtVdjsYN6TnVUz6tO6gX1omrmO6suaiJ2U93VFOypeqneqo+agZXVpYpVUa+qAWqgGqReU/PxdTVEvaGGqmFquHpTjVAj1Sg1Wo1RY9U49ZYar95WE9Q7aqKapCarKWqqmqamq3fVDDVTzVLvqdnqfTVHzVXz1Hy1QH2gFqpFarH6UC1RH6mlaplarlaolWqVWq3WqLVqnVqvNqiNapParLaorepjtU1tVzvUTrVL7VZ71Cdqr/pU7VOfqf3qc3VA/VUdVF+oQ+pLdVh9pY6or9VR9Y06pr5Vx9V36oQ6qU6p79Vp9YM6o86qc+pHdV79pC6on9VFFRRo1EprbXSkM+iMOkVn0pn1VTqLvlpn1dfohL5WZ9PX6ez6ep1D59S5dG6dqvPovNpq0k6zjnU+nV8n9Q26gC6o03QhXVgX0V4X1cX0jbq4vkmX0DfrkvoWXUrfqkvrMrqsLqdv0+X17bqCvkNX1HfqSrqyrqKr6rt0NX23rq7v0TX0vbqmvk/X0vfr2vovuo5+QNfVD+p6+iFdXz+sG+iGupFurJvoR3RT/ahuppvrFvox3VI/rlvpJ3Rr/aRuo5/SbfXTup1+RrfXz+oO+jndUT+vO+mf9UUddGd9+W1e99A9dS/dW/fRffXLup9+RffXr+oBeqAepF/Tg/Xreoh+Qw/Vw/Rw/aYeoUfqUXq0HqPH6nH6LT1ev60n6Hf0RD1JT9ZT9FQ9Tfe+PNKs/0L+2/8mv3/GS/Paorfqj/U2vV3v0Dv1Lr1b79F79F69V+/T+/R+vV8f0Af0QX1QH9KH9GF9WB/RR/RRfVQf08f0cX1cn9An9Y/6e31a/6DP6LPqlxVfuPwagEGjjDbGRCaDyWhSTCaT2VxlspirTVZzjUmYa002c53Jbq43OUxOk8vkNqkmj8lrrCHjDJvY5DP5TdLcgJfHNoVNEeNNUVPM3Pif5JsCpqBJM4V+l/9H82timpimpqlpZpqZFqaFaWlamlamlWltWps2po1pa9qadqadaW/amw6mg+loOppOppN50bxoOpvOpqvparqbHqan6WV6mz6mr3nZ9DP9TH/T3wwwA8wgM8gMNoPNEDPEDDVDzXAz3IwwI8woM8qMMWPMODPOjDfjzQQzwUw0E81kM9lMNVPNdDPdzDAzzCwzy8w2s80cM8fMM/PMArPALDQLzWKz2CwxS8zSDMvMMrPCrDCrzCqzxqwx68w6s8FsMJvMJrM041az1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL532RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO0qN8kR5IxtR5CKO4ihflD9KRjdEBaKCUVpUKCocFYl8VDQqFt0YFY9uikpEN0clo1uiUtGtUemoTFQ2KhfdFpWPbo8qRHdEFaM7o0pR5ahKVDW6K6oW3R1Vj+6JakT3RjWj+6Ja0f1R7egvUZ3ogahu9GBUL3ooqh89HDWIGkaNosZRkz91/BDO5HzUd7ZdbFfbzXa3PWxP28v2tn1sX/uy7Wdfsf3tq3aAHWgH2dfsYPu6HWLfsEPtMDvcvmlH2JF2lB1tx9ixdpx9y463b9sJ9h070U6yk+0UO9VOs9Ptu3aGnWln2ffsbPu+nWPn2nl2vl1gP7AL7SK72H5ol9iP7FK7zC63K+xKu8qutmvsWrvOrrcb7Ea7yW62W+xW+7HdZrfbHXan3WV32z32E7vXfmr32c/sfvu5PWD/ag/aL+wh+6U9bL+yR+zX9qj9xh6z39rj9jt7wp60p+z39rT9wZ6xZ+05+6M9b3+yF+zP9qINl07uL328kyFDGSgDpVAKZabMlIWyUFbKSglKUDbKRtkpO+WgHJSLclEqpVJeykuXMDHlo3yUpCQVoAKURmlUmAqTJ0/FqBgVp+JUgkpQSSpJpagUlabSVJbK0m10G91Ot9MddAfdSXdSZapMVakqVaNqVJ2qUw2qQTWpJtWiWlSbalMdqkN1qS7Vo3pUn+pTA2pAjagRNaEm1JSaUjNqRi2oBbWkltSKWlFrak1tqA21pbbUjtpRe2pPHagDdaSO1Ik60Yv0InWmztSVulJ36k49qSf1pt7Ul/pSP+pH/ak/DaABNIgG0WAaTENoCA2lYTSc3qQRNJJG0WgaQ2NpHI2j8TSeJtAEmkgTaTJNpqk0labTdJpBM2gWzaLZNJvm0ByaR/NoAS2ghbSQFtNiWkJLaCktpeW0nFbSSlpNq2ktraX1tJ420kbaTJtpK22lbbSNdtAO2kW7aA/tob20l/bRPtpP++kAHaCDdJAO0SE6TIfpCB2ho3SUjtExOk7H6QSdoFN0ik7TaTpDZ+gcnaPz9BNdoJ/pIgVKcZlcZneVy+KudlndNe6f41wut0t1eVxeZ10Ol/N3MTnn0lwhV9gVcd4VdcXcjS7t0pbqN3FpV8aVdeXcba68u91V+Je4mrvbVXf3uBruXlfV3fW7uKa7z9VyD7na7mFXxzV0dV1jV8895Oq7h10D19A1co1dS/e4a+WecK3dk66Neyr6p9gtdIvcWrfOrXcb3F73qTvnfnRH3TfuvPvJdXZdXF/3suvnXnH93atugBv4L/Fw96Yb4Ua6UW60G+PG/ks82U1xU900N92962a4mf8SL3AfuNlusZvj5rp5bv7f4ktzWuw+dEvcR26pW+aWuxVupVvlVrs1/5jrCrfJbXZb3B73idvmtrsdbqfb5Xb/Lb60jn3uM7fffe6OuK/dQfeFO+SOucPuq7/Fl9Z3zH3rjrvv3Al30p1y37vT7gd3xp392/ovrf1797O76IIDRlas2XDEGTgjp3AmzsxXcRa+mrPyNZzgazkbX8fZ+XrOwTk5F+fmVM7DedkysWPmmPNxfk7yDVyAC3IaF+LCXIQ9F+VifCMX55u4BN/MJfkWLsW3cmkuw2W5HN/G5fl2rsB3cEW+kytxZa7CVfkursZ3c3W+h2vwvVyT7+NafD/X5r9wHX6A6/KDXI8f4vr8MDfghtyIG3MTfoSb8qPcjJtzC36MW/Lj3Iqf4Nb8JLfhp7gtP83t+Bluz89yB36OO/Lz3Ilf4Bf5Je7MXbgrd+Pu3IN7ci/uzX24L7/M/fgV7s+v8gAeyIP4NR7Mr/MQfoOH8jAezm/yCB7Jo3g0j+GxPI7f4vH8Nk/gd3giT+LJPIWn8jSezu/yDJ7Js/g9ns3v8xyey/N4Pi/gD3ghL+LF/CEv4Y94KS/j5byCV/IqXs1reC2v4/W8gTfyJt7MW3grf8zbeDvv4J28i3fzHv6E9/KnvI8/4/38OR/gv/JB/oIP8Zd8mL/iI/w1H+Vv+Bh/y8f5Oz7BJ/kUf8+n+Qc+w2f5HP/I5/knvsA/80UODDHGKtaxiaM4Q5wxTokzxZnjq+Is8dVx1viaOBFfG2eLr4uzx9fHOeKcca44d5wa54nzxjam2MUcx3G+OH+cjG+IC8QF47S4UFw4LhL7uGhcLL4xLh7fFJeIb45LxrfEpeJb49Jxmfihe8vFt8Xl49vjCvEdccX4zrhSXDmuEleN74qrxXfH1eN74hrxvXGJ+L64Vnx/DJe/r1I3fjCuFz8U148fjhvEDeNGceO4SfxI3DR+NG4WN49bxI/FLePH41bxE3Hr+Mm4TfzUHx7vGneLu8c94h5xCPfoecn5yQXJD5ILk4uSi5MfJpckP0ouTS5LLk+uSK5MrkquTq5Jrk2uS65PbkhuTG5Kbk5uSYZQNSN49Mprb3zkM/iMPsVn8pn9VT6Lv9pn9df4hL/WZ/PX+ez+ep/D5/S5fG6f6vP4vN568s6zj30+n98n/Q2+gC/o03whX9gX8d4X9cV8Y9/EN/FN/aO+mW/uW/jH/GP+cf+4f8I/4Z/0bfxTvq1/2rfzz/j2/ln/rH/Od/TP+07+Bf+if8l39l18V9/Vd/fdfU/f0/f2vX1f39f38/18f9/fD/AD/CA/yA/2g/0QP8QP9UP9cD/cj/Aj/Cg/yo/xY/w4P86P9+P9BD/BT/QT/WQ/2U/1U/10P93P8DP8LD/Lz06b7ef4OX6en+cX+AV+oV/oF/vFfolf4pf6pX65X+5X+pV+tV/t1/q1fr1f7zf6jX6z3+y3+q1+m9/md/gdfpff5ff4PX6v3+v3+X1+v9/vD/gD/qA/6A/5L/1h/5U/4r/2R/03/pj/1h/33/kT/qQ/5b/3p/0P/ow/68/5H/15/5O/4H/2F33w4xJvJcYn3k5MSLyTmJiYlJicmJKYmpiWmJ54NzEjMTMxK/FeYnbi/cScxNzEvMT8xILEB4mFiUWJxYkPE0sSHyWWJpYllidWJFYmViVCyLMtDvlC/pAMN4QCoWBIC4VC4VAk+FA0FAs3huLhplAi3BxKhltCqXBrKB3KhLLh4dAgNAyNQuPQJDwSmoZHQ7PQPLQIj4WW4fHQKjwRWocnQ5vwVGgbng7twjOhfXg2dAjPhY6/7LjCS6Fz6BK6hm6he+gReoZeoXfoE/qGl0O/8EroH14NA8LAMCi8FgaH18OQ8EYYGoaF4eHNMCKMDKPC6DAmjA3jwlthfHg7TAjvhIlhUpgcpoSpYVqYHt4NM8LMMCu8F2aH98OcMDfMC/PDgvBBWBgWhcXhw7AkfBSWhmVheVgRVoZVYXVYE9aGdWF92BA2hk1hc9gStoaPw7awPewIO8OusDvsCZ+EveHTsC98FvaHz8OB8NdwMHwRDoUvw+HwVTgSvg5HwzfhWPg2HA/fhRPhZDgVvg+nww/hTDgbzoUfw/nwU7gQfg4X5TtrQgghhBD/JT3+4Hi3f3OfAYBf/pHQHQCu3p778G+PawDYmOPv/V4qtWUCAJ7s0uGBX1qlSl27dr382KUaovxzASDxT09wOV4GLeBxaA3Nofi/nV8v9fx5/oPxk7cAZP5NTgr8Gv9jfPz36++lHnls+MJS8bls/4/x5wKk5f81JxP8Gi+DFpdWA82hxP9l/JxN/2D+mb4YB9DsNzlZ4Nf419enGDwKT0Hr3z1SCCGEEEIIIYT4u16qbLs/2j9f2p+nAvxjh5wRAFLN3/t/tD8XQgghhBBCCCHElffM852eeKR16+btpCMd6UjnH50r/c4khBBCCCGE+LP9etL/632ZruSEhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIdOg3P/qVCQD+V35O7EqvUQghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhLjS/k8AAAD//9cUKe8=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001c80)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
fdatasync(r0)

2.604063302s ago: executing program 4 (id=2335):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20)
recvfrom(r0, 0x0, 0x0, 0x40010000, &(0x7f0000000080)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1, 0x2, 0x2, 0x4}}, 0x80)
syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0)

1.769147951s ago: executing program 6 (id=2345):
r0 = socket$kcm(0x29, 0x2, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000040)=0x80b, 0xed)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x200000000000000)

1.581174915s ago: executing program 4 (id=2348):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000700)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x1, @dev={0xfe, 0x80, '\x00', 0x33}, 0x1}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000000040)="a4", 0x1}], 0x1}}, {{&(0x7f00000000c0)={0xa, 0x4e24, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}, 0x1c, &(0x7f0000000680)=[{&(0x7f0000000100)=':', 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e24, 0x20, @empty, 0xd0}}, 0x4, 0x3}, &(0x7f0000000140)=0x90)

1.478255595s ago: executing program 6 (id=2350):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00000, &(0x7f0000000680)=ANY=[@ANYBLOB='uid=', @ANYRESDEC=0x0, @ANYBLOB=',iocharset=cp1255,utf8,uid=', @ANYRESDEC=0x0, @ANYBLOB=',novrs,iocharset=iso8859-6,shortad,,unhide,\x00'/54], 0x1, 0xc4d, &(0x7f0000003b00)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQwWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr546nTaZsOhh9AYAOCBuDz2tVNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+/LzQ+e7eak98wH199pn49WxKxcbL83enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvnZr8vr1hcaZ585u2nx74L3+J44PXBh65uTT3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORopnv/+z1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnz32Fq6mt/6UZ2HL1UDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/ijilUjx87dPxLV8n6nuNV+MeKXMH0a8WeaLEan8YpyLeHeb7xGPploU8efl9b+wliar+0H3vnLp642vzlyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcRnIsXL//ZH1bjiqMalH7sw9PsDv9w7ZvypD9lPWfa5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vv2wGwMAAAAAAAAAAAAAAAAAAPCxVsRPI8UL75xIy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIt6PFN/55lqKFBHNiIno5Er/w24dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0X8IFI0/qB5Z10tIlL1b8eJ8pdz0Txc5iejOVTmi9G8mLNVZa357YfQfnanLxXxk0jRX3/rzgXP17+v8+nO1yDe/NbGp8/WOnmou3Hgvf4njh+7MDTy+ad2Wk7bNWDwUnvm1u3G+PDIyFjP6lo++id71g3k4xZ703UiYuH1N15rTU9Pzd//QvkVuM/q3Su5i6M/yIVUe2SaamEvFqJ2IJrxcPq+Sf1h3JzYd+Xz/91I8dvv/Hv3gd95/tfjlzqf7jzh4xd/svH8f2Hrju7x+V/bWi8//8snwXbP/yd71r2QfzfSV4uoL96c6zseUV94/Y2T7ZutG1M3pmbOnTr1laGhr5w91Xc4on69PT3Vs7QnpwsAAAAAAAAAAAAAAADgwUlF/G6kaP1kLTUi4nY1XmvgwtAzJ58+FIeq8Vabxm2/OnblYuOl2Ztz81MLC1OTjfGZ9rXZyal7PVy9Gu41PjyyL535UEf2uf1H6i/Nzr0+377xh4vbbj9av3h1YXG+dW37zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/ur5UxH9EimvnGukLeV0e/791hP+m8f9LW3e0h+P/P390Y/zfJ3qKlsdMqYhfRIrf+oun4gtVO4/GXecsl/ubSDF4/nO5XBwuy3Xb0HmvQGdkYFn2fyLFP7y/uWx3POSTG2VPf6ST+wgor/+xSPGDP/te/Hpet/n9D9tf/6Nbd7RP73/4VM+6o5veV7DrrpOv/8lI8eKTb8VvVGv+7wPf/9F9Y8OJTuGN93Ps0/X/1Z51A/m4v7lXnQcAAAAAAAAAAHiE9aUi/jZS/Giklp7P6+7l7/9Nbt3RPv39r0/3rJvcm/mKPnRh1ycVAAAAAA6IvlTETyPFjcW37oyh3jz+u2f85+9sjP8cTlu2Vn/O9yvVewP28s//eg3k407svtsAAAAAAAAAAAAAAAAAAABwoKRUxPN5PvWJajz/5I7zqa9Eipf/69lcLh0vy3XngR+ofq1fnp05eXF6erYei62r01ONsbnWtamy7qcixdpffy7XLar51bvzzXfmeN+Yi30+Uoz8XbdsZy727tzknfnA6+vrEafLsp+IFP/595vL5qmp89zR1X7PlGX/KlJ845+2L3t8o+zZsuz3IsWPv9Holj1alu2+H/XTG2WfuzZb7MNVAQAAAAAAAAAAAAAAAAAA4OOmLxXxp5Hiv28u3xnLn+f/7+v5WHnzWz3z/W9xu5rnf6Ca/3+n5fuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHU4oi3ogUc5fX0kp/+bmjfqk9c+v2+PDI9tWOpKrmoap8+VM/febsuS8/P3S+mx9cf699Jl4du3Kx8dLszbn5qYWFqcnG+Ez72uzk1D3vYbf1txqsTkDj5mu3Jq9fX2icee7sps23B97rf+L4wIWhZ04+3S07PjwyMtZTptZ330e/S9ph/eEo4i8jxbPf/1n6UX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RA7gWu9KMWCqbXzZ4sOze2FxrvnV1eqox2ppfbC+2Z2dGU6e1ZX8aUcT5FLEcEav9d++uL4p4LVJ899ha+uf+iEPd8/Cly2NfO3Vm53YU+9jHe1C2s9EXsVw8AtfsAOuPIv4xUvz87RPxL/0Rtej8xBcjXinzhxFvRud6p/KLcS7i3W2+RzyaalHE/5bX/8Jaeru/vB907yuXvt746sz12Z6y3fvKI/98eJAO+L2pHkX8uLrjr6V/9d81AAAAAAAAAAAAAAAAwAFSxK9FihfeOZGq8cF3xhS3Z240rrSuTneG9XXH/nXHTK+vr683UiebOSdyLuVczrmSczVnFLl+zmaZ9fX1ifx5KedyzpWcqznjUK6fs5lzIudSzuWcKzlXc0Yt18/ZzDmRcynncs6VnKs544CM3QMAAAAAAAAAAAAAAAAAAB4vRfVPiu98cy2t93fml56ITq6YD/Sx9/8BAAD//9kg9g0=")
r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)={0x200000, 0x200000, 0x1})
ftruncate(r0, 0x7ff)

1.126046077s ago: executing program 6 (id=2354):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f0000000000)=0x10000)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

1.094597811s ago: executing program 4 (id=2355):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f00000001c0)={{}, {}, [{0x2, 0x6}], {0x4, 0x2}, [], {}, {0x20, 0x5}}, 0x2c, 0x0)

986.28487ms ago: executing program 7 (id=2356):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x888e}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_FRAME={0x22, 0x33, @mgmt_frame=@reassoc_resp={{{0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x2}, @device_b, @broadcast, @random="f4c8035ad62c", {0x2, 0x8}}, 0x10, 0x1f, @random, @void, @void}}]}, 0x54}}, 0x4854)

846.112923ms ago: executing program 3 (id=2357):
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000040)={0x0, 0x0, "d607f8f9951e76c13f64323723e7eecdf40c363423eb3d259266ec9c37865c6c1a4640ce1b22bb3327ef4f001d34c09f39c3539e4f8d3ee0878ae95bc7f52363c468b257ff3e24852548deb01efd54f11ed2c41d078b9cf1fc8f72566153c97e4af37017ea6b16b694bb4a6e4606c3fb19d1d2bd3c8c4e97da2213f9d5c3b90400000000000000c279f03558083906666827d61dcc3a633bffff250b5a293e3877adc1660edbc9a0307a25720a170e7f5670e419dc44febf7ddc73fd4a5a0b6c28665f7f46c7084e17c809268103a2584ab40a68e528329d97afc3612e325c1eb4a3ab2e156a97444800", "0615e456c196e819a321fdb3690bfab19538829a732a01781564ef7738cb5b82a704b3952f81c68bb4ceeaad63206f88201638e87c4981cbf9332cbc9c4d69e392bd33237ece7ad91e44edac0da8dacad81adf2e08c21ad6b44ce1f90bd618c255ca40cdb411485fb48a51d329c816b3488c7d032ef69c502c6e1236bd381efd410165988847c1dcb98a18ca2b853910e52044fa3b3026cb88de269537c8f26ffc3b15cbf279832bfc90bd95939043182e88050dfd2a4784a5d1453610fb1f1c2bac36c3ecd3e6fb756ef8880debeef3636afd981d8af4ab119928448f90351aec113335eacf52a18c87738d9679d3acc032a16fbefc64776f363610a15b37bcd36e6a7cba931151b9c9ba5779d550e9ab21603a43a25f3b4895d8dc4f3ce0e7d5e964e888169ea79a0848e9338b3d34d62e963fbf98834f4455419907f0ffdb76373af77a34edee7789f56e7f01bdab9614a0d460f791a06e6cf5243bf2b3a1624a80ec7e1116f1c81f5ef4b895be74bf67eea9193428b58a8b62b7976d3d2e59796c46ec918c83cd49c3f43dbd2967586966c19ace7b0bef5f94eb333b362649f1bfa114f8b1f126e97ec672cff77e2130823fa7a1df6760c6a8917815e9f0a409ed32b133df7dc9afceffcd472b35145c83c9167764d25ce214133c6170adeb6653b30b226a3b6ff1363ac862a540c7fab584cd051ce7ee951e0f121d43cff75afbdec6bc6f6e8f7db58c8086751320d22ee8582e915cabc536e3767e9a9230c9ae8b92398f0ca2a7141ea4588af7afde10e5ec2a6fe85ba5712e126629d4e3998fc4721cb638f2ef8356049e3448466e2c400d5e8baf843fa399907cb526b791c5350ce29204cb6fe50b892a69ec6dbecc28f032a745738faa12c2a34222942fef0ec0511da5fe0b565ceac429da7cc25cfe0320b40a514723e2392a6a361032343edb79fd83cd0a354837153542fd61b3156b54c566036e493250c3a3214738e3cacc24a50d5dfd17d5008b4ca629c3062f3417cb69c48b8b888ae51256bb4e6c68e95a71a00383ad9df263f6a775ded64fef20ed5cb5f31c33cb86f839d00a12e40cd31219113619c4e0585454cb1776278bfd7f5c4275792afb790e83ff0fc6925355c7aee7a070477d9ec2292366e39b9dc66f7adcf449a1a718e5217183faf0f679efc5cef20bcdcf2d12ea0684084ec0d693256e280025b23b5a08b7b1ebe7d41fb045793f971d6ee066604818cb09d86c1eda99a44c35476a113fd5d1a7543f8f99424ebb78dd9e00d719502a6eafa743a061fa3fa55e4deaa0a011b6b9d633f10e0c9446b5a2e3f6d6014ab00695366c1a6bf0c32f703aebb7988c7d4d322681458e85626302c70f37628835e1fcfff1da3099c0b4af433eb9a51f9609f2c0c09a98b18880c846b34d6ac0210f073765666100976ee1d928893f983580ea47a012144633b98e02c3e81869534ab985eb3a73e0bac892dac949f85db949285a6a7a490b1075467226af23df82d8dd09b7282490fbb3ada9ed4cae8f761aefbe0701de6b132f12044c58ac1c2607c8f51361de5bed021dea13fd0a440263cf0b304522a324b581ab274e7bdae5994316657b5c0ab0220d9b08739729f7a35d436878c182aec4f08dd161c11ee5b7937fae7835e8bfe98a44c8d4bbb2e0eee0cb5d7c93517e96a9fc8132e60f3ef7c735bea1934b37df451f981c8d9210e61278c871e6dad6ceb89aa4d7245658a63e65cec7b81d307426a60a31cc917844a14e1d9ad83bef1c9f736d1836687c950d1275caece0d46ab9f3b0e95d9cf560eb8134e8346b35e0a6f60e6a87a14c4aeb3e0d06158390660a52a6e44b524c1e16de2bf99870f78fc81d267072bc63e97d3f26d23fd59799ff2c847d6a724cebc2377a582ba73d99a610a095c28d66c60910ac64b7d18847fa98fd8528b72e0a149b082c731575b2e2763e67c821ba29eecd8b8c87981c4fb1fbbaaa4e8aa077ec98de1362fc7af7a0ac5e3297fd0d924124b2e255b5cc4f6b0873f3d34418d5ae0d6f734628f38cb9b856b2db3fbb2fafb76983eabc51a348e55789e997fa25cbe6e5031bd2e33d4e2686f964a65d1abf7f96a20a8b270b1522ace4adf6fdade5cd3f101574960d13267e2382f70027ebe5ef7f9418e14e6a8a130d2aec2253c8fe21825e3295774db0c9b1340ea28a96589ba0d9f79aa61b92aea6f704ef7f716d849b8c77e6922e198a086d8133491d0bb85b925825a6d307d7cc8f09c655aa3edabf84c75560dfb279ee3e8b825323279edc58c3161e72cf9ae02ef80d500da922c0abeb8b164abd9c17ef7c02e89000d67b0c2ddd078cacbf37c4826be3845948d598980d63c1d7aade89d0637d80a4c102a35eb027a08ef90cc20d17fc514926914e68e5de54b861200ffa4ce1cbc16e4ecf342a1176cdb561f7dea38b3ae0fd81260f72d34e6f33d364cf313d3b3161410dcbf5f0f0579a1d235b49bb5d27f85825b94f1899e7846d0292ad912d934574f9d55d2152dbfb39d662e6e0f2496182d012af8b4bebbdfa1d68e3e988869fb5cd9612db97e6cc574444f4b5025ec9827bafc55341bf6ad3fd4fab2ee43f343cb9bcec0c38384b5699e5c6d5973ba591978275c51a40200d340b9ed3681f08c69f58320f538f9cd78a34eb6ed55710d2478ea4bd15813921817b42f88f1bb038033b519668f0a2e8693b9a19c7bcf96eec04bda625b31c32f4286be922ab2c87aa30310c8f46551450d5bc26b5fbfdedaae0f756384023bb9a28d3200cfeaedd63d6afe076513e8ad73d16607cd4ede16344e60d8707357e82b1089258c56d851a435e23ce0919825e04471dd61a44c43e87c2959d4e89311a30ee8be010094d0ef109bb210dda58b21b685b9e9c078c9ded6117d9a88dd7799291969851cd4c3f22b5f870a275a692188dafcf6e89ba87b0eb61011de031fda25fb3349901d40da2bbdb76eda417c9fafd90fb23504ab150ca0033ea1d00000000000086ba3aaa79d0df4f2e4e4afa565e66d28aa167f835d080bf1d41d0e52dbf81c671f8eacae234bf4fc328302671fab46613b73daf2ace80aff2f80f6a9d84b82480178cc612aa90adfc80ab3bba7d1527fc6ab04f009011bf093494a0d329df4e53d855b1c0ff6a25d22052b3a778e1ca2fbe59c9eeedf99e13682d06da269560524ffa0f404b73b946edf900ee958ceba09a051e27a620fb78e7a352c182c8c2981ce822eeaf6323965b4b3f322d40d406a158b6f3cf5d74822de952fefc341d0dead6c1c8fed8e48e0a85b51c1dcc7796d3f45bb1f50467a475da76c356c9e031b096867da1dbb89c3a038d475dbcdb2df1278d5dba55c2fb5ba6a9778c2a244198491f0f711cdb2ef0332f347afffb1b098b4c59041ccb0c286bb2dd40e7ec713f6ffe0b1067678c748615dae3c1e090f3739a9035767fb9972580d19fdef49a5071f99c3706b8fa4991f430721cf3ca11af0e3bd7c4d0cd0ab5b7d98ee66730c20a098110e4a15ce0bfc88c41fe375f261fe3557e14eb5ff4a2cdf6a008fd7b6702951b8456e940fbd269a0f3ed515ac03cfecce67027d579e1226bd7b7381827453550343566508d38790ee838c3bf85c6c91a45e7a44752f57313533a3e82e4042e65d346afb20c0527575f79080aef4e1aa8d5868d190c8d37bdae7592e41bed37b9d4c30d8126d3debde02dff25f5ef1e48133e2a41cd55347bd23dcce57a00189619db629c530dc112d22ac72bce353681264b5175be40b3ba84408d0f56762cc720e96c128447be7128748e185be2640115556bac64d060207e629b0144e501c1c49c6abd15c7982b01e22da2ad04bb28df1a27f31e18040c16406071d798bb40d901d001e22cc5ed870d08702f49f0021814cdd814901a13c7ab061bb4b8172c639b3449e24f656fee58186e69e6874ea95d946da781b49ca080ffb4a3c87746c661f43e9be52d0ba2ee368b9c143687c8846abac599069decf41e69fddcadf31c5f715917df12df4eedbfcc5805fe8e661b8fcd7b130d7bcc4a9a152de93a15dddacf3cf52479956185a3c5000d18ddce0236d5858c0d8761bca7446e3d30f3e8f48d5e8f86a60cbe46f038b1028ffd35590bdacfeebb86e28d42a923bdc3f9a307b919341a2a7dda096d41070db245c2c424aedd4a4bb9863169454d09f25fd0aa2da7bfc97ad7aca886dd998e041133e07899ad48f7cda600de48ac3951152dfbe6331b8acae24cfd2dd2b14696c75040685c756942a0d049ee9863a2e480388f93876f3910ecb3a59fa16c25b2b3636a542f92744495e10a4ce37f19f5c2256e2d61775d388e2a86b52f76add2f956aa02501f5badb94da12595b2bbf88b05dc70caae6766fd3df4f299d0ff71c8787249b255ea49b3d33b3f1a8c9403cb75d64264465c3578538382b23d721f8a49134020ca2d9e887d9949624ac6d63322b6507e277a0020db9bfa2928736b96c72fa3406a95adfe6b374ffa27001d37d3bbe725e75c257834572026c511f57dce67153a4008f9e75e07ed9237f600005800ee667c137fc78bc4fd4ebf4d228979ab0ccafbcd8b8daad76fb2abcfc585377ea6e19f170db898b950a7b0f4e75466a2ba26e7d60e0a6f5c54a3fe78677f3362c5b01ae791b62ee8a5d0fd65b739ece4f3b758d05a8e4e4ea7e4866ee67750ce2769f72a9f45780eadfae73b42d4dd4c614c797c694ece8af88cc732edabfa26ace57de54835c7551154dfa3be11a0d3b5845ac97b2da84410a652e72cd563acbb2b02bb59370cebaaa80014e3ad280944eae6fbf8d5f85237257bb5b8e5ec3e52dc06f8394176b325a577804e9eb78d7015172d17ed15f905f705d56687f53988bb207c74fbeb2b03a700258e835362886239f4d8f1c2cf6d4d10ff26d2579ea40a5fb99e5b6d01cdeda050d3faa78ed674f2899be08332086c8bf0410a7d06099c50a2d949d49a0f21b43bcdfbdf435875cf5a9def46db63746574ee8a5b1fbcef411154e914dd9e5bb1b1bd2944581083fb66a017e7972df3daefc487e4198cb281d3a80637d52b41738b7f1a57c867d5b2ee5d72465657593339506fd0c3807cd6445eb54cfb5ca9d35ef93eec6383224ebf85197eb6ed75f6c324f6a0345a25be6bb52ed347e57ccb059b903fb7db4e9f46513a4158ce29c1f5d6081b556bbc471e89225cad81aed34dae0f90ee8e7237b3b286e29b49d7a1700c537b28571f7d7e2a55e10792d6f7779ddefa3febdea5693048372a45903c04f1035a96c6cfbe6f6c2b754581aac02f8a70e698be6e37fd411cf4b76317b47683f6b0f80dfdeef3a9767c7e5c30dff786093a21477431fea0458023953700"})
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x5)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_opts(r0, 0x84, 0x1c, 0xfffffffffffffffe, &(0x7f0000000100)=0x40)

791.309783ms ago: executing program 7 (id=2358):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)=@newqdisc={0x24, 0x24, 0xf0b, 0x70bd2c, 0x0, {0x0, 0x0, 0x12, 0x0, {0x0, 0x7}, {0xffff, 0xffff}, {0x2, 0xc}}}, 0x24}}, 0x4000010)
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000680)=ANY=[@ANYBLOB=' \x00\x00\x00_'], 0x20}], 0x1}, 0x4048084)

791.150993ms ago: executing program 6 (id=2359):
epoll_create1(0x80000)
r0 = syz_io_uring_setup(0x22f, &(0x7f0000000080)={0x0, 0x5325, 0x10000, 0x0, 0x100002cf}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

703.066776ms ago: executing program 3 (id=2360):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x1, 0x0, 0x7fff0000}]})
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r1, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
close_range(r0, 0xffffffffffffffff, 0x0)

670.878509ms ago: executing program 7 (id=2361):
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x3000801, &(0x7f0000000840)=ANY=[], 0x1, 0x1f3, &(0x7f0000000500)="$eJzsmb/L00AYx7+XtHl/IIqLg4uDL6jgmyapyrt0qOAoiFXUwaHYWKppK22EtiC0uLj4BwiuLo4ODk4O/gWuOqggONjRTTi5yyW9pmlppWjhfT7Qu28ud8/z3FPyHCQgCOLQ8u3rry/PLx/cOA/gCPawpcZ/mFHPj03P//zi8Q5KV16++fTqQ+vok3dpe0ys4cv7twC8L5sIwXLK49TqHU3vqf4mDJxT+hYY7Ej+5pzzvJRD+GC4o+Y80HQ7Nhj49r12ULvfCHxHNK5oPNEUdf8iqPGIoQZgW0bHOdPud/uDh9Ug8Dtpkeexn5lbq4pF+ZPxlQ2UEGePcwPA7WdPR+Ja5QYOjCR/Lgy4ShfBUFH6AFuwbXuSEm3/J3MT++Yy+/+/4rUUx/f/lVORYMEm7F0Iho0IY90ivxY7LD0iHuhk5MQ4roH6nO8r+rrLsDF/gSxcyIjn424QXP1LyyJjVkaiEjGpT4IzWn3KJaNAIWw+KnT7g/1Gs1r3637L84qXnAuOc9EryEIUtQvq37asT7vJSHwGzGIxCz3xoLo9IOy48roahh0varWKW3nb/inXGNfr0eLTUcfUmZUclCmY+hmyF+qsmT1zOHdPBEEQBEEQBEEQBEEQBEEQ2ZwCk29Z1YcqPgfvmnxD+ScAAP//+tFdLw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x24c01, 0x0)
fadvise64(r0, 0x6, 0x4101, 0x3)

518.33881ms ago: executing program 6 (id=2362):
r0 = io_uring_setup(0x585f, &(0x7f00000001c0)={0x0, 0x2c28, 0x1, 0x0, 0x10000000})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
io_uring_enter(r0, 0x0, 0x2, 0xf, &(0x7f0000000000), 0x18)

518.25195ms ago: executing program 7 (id=2363):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80002, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x4)

444.767316ms ago: executing program 6 (id=2364):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
waitid(0x0, 0x0, 0x0, 0x0, 0x0)

442.916486ms ago: executing program 3 (id=2365):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)={0x2c, r2, 0x1, 0x40000000, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xd}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)

314.471411ms ago: executing program 3 (id=2366):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e20, 0x8, @ipv4={'\x00', '\xff\xff', @remote}, 0x3}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c)

237.514746ms ago: executing program 7 (id=2367):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x9, 0x5, 0x2, 0x7, 0x0, 0x1, 0x10002}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000880), &(0x7f00000008c0), 0x75, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000400)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r1, r0}, 0xc)

177.272085ms ago: executing program 3 (id=2368):
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffff9]}, 0x0, 0x8)
r0 = gettid()
tkill(r0, 0x1)
rt_sigtimedwait(&(0x7f00000005c0)={[0x401]}, 0x0, 0x0, 0x8)

6.301652ms ago: executing program 4 (id=2369):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x3000046, &(0x7f0000000180)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@discard}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@max_batch_time={'max_batch_time', 0x3d, 0x8}}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f00000009c0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000680)='./file0\x00', 0x0, 0x1ca)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8, 0x0, 0x0, 0x6, 0x4})
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8, 0x0, 0xfffffffe, 0xe4c, 0xf2})

6.081932ms ago: executing program 3 (id=2370):
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)

0s ago: executing program 7 (id=2377):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = getpgrp(0x0)
kcmp(r1, r2, 0x0, r0, r0)

kernel console output (not intermixed with test programs):

r on dev loop4, logical block 65, lost async page write
[  294.062164][  T158] kworker/u4:6: attempt to access beyond end of device
[  294.062164][  T158] loop4: rw=1, sector=66, nr_sectors = 1 limit=64
[  294.085924][  T158] Buffer I/O error on dev loop4, logical block 66, lost async page write
[  294.094455][  T158] kworker/u4:6: attempt to access beyond end of device
[  294.094455][  T158] loop4: rw=1, sector=67, nr_sectors = 1 limit=64
[  294.143928][T10491] tap0: tun_chr_ioctl cmd 2147767520
[  294.152503][  T158] Buffer I/O error on dev loop4, logical block 67, lost async page write
[  294.170907][  T158] kworker/u4:6: attempt to access beyond end of device
[  294.170907][  T158] loop4: rw=1, sector=68, nr_sectors = 1 limit=64
[  294.204707][  T158] Buffer I/O error on dev loop4, logical block 68, lost async page write
[  294.222006][  T158] kworker/u4:6: attempt to access beyond end of device
[  294.222006][  T158] loop4: rw=1, sector=72, nr_sectors = 1 limit=64
[  294.260932][  T158] Buffer I/O error on dev loop4, logical block 72, lost async page write
[  294.277782][   T27] usb 4-1: USB disconnect, device number 10
[  294.284641][  T158] kworker/u4:6: attempt to access beyond end of device
[  294.284641][  T158] loop4: rw=1, sector=73, nr_sectors = 1 limit=64
[  294.322937][  T158] Buffer I/O error on dev loop4, logical block 73, lost async page write
[  294.374872][  T158] kworker/u4:6: attempt to access beyond end of device
[  294.374872][  T158] loop4: rw=1, sector=76, nr_sectors = 1 limit=64
[  294.429172][  T158] Buffer I/O error on dev loop4, logical block 76, lost async page write
[  294.464958][  T158] kworker/u4:6: attempt to access beyond end of device
[  294.464958][  T158] loop4: rw=1, sector=77, nr_sectors = 1 limit=64
[  294.488850][  T158] Buffer I/O error on dev loop4, logical block 77, lost async page write
[  294.578135][T10499] program syz.7.1350 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  294.806351][T10507] loop7: detected capacity change from 0 to 4096
[  294.895739][T10512] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  295.126830][T10507] NILFS (loop7): nilfs_palloc_commit_free_entry (ino=6): entry number 15 already freed
[  295.620216][T10526] loop6: detected capacity change from 0 to 1024
[  295.650058][T10509] loop4: detected capacity change from 0 to 32768
[  295.661555][T10526] EXT4-fs: Ignoring removed oldalloc option
[  295.682049][T10526] EXT4-fs: Ignoring removed bh option
[  295.711336][T10526] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  295.732924][T10509] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  295.765262][T10526] EXT4-fs (loop6): invalid inodes per group: 204800
[  295.765262][T10526] 
[  295.964319][T10509] XFS (loop4): Ending clean mount
[  296.002384][T10509] XFS (loop4): Quotacheck needed: Please wait.
[  296.101413][T10509] XFS (loop4): Quotacheck: Done.
[  296.395789][ T5835] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  296.406361][ T6488] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  296.605016][ T5835] usb 4-1: Using ep0 maxpacket: 16
[  296.620300][ T5835] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  296.639835][ T5835] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  296.655030][ T5835] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  296.664322][ T5835] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.682707][ T5835] usb 4-1: Product: syz
[  296.688653][ T5835] usb 4-1: Manufacturer: syz
[  296.693306][ T5835] usb 4-1: SerialNumber: syz
[  296.850289][T10549] loop6: detected capacity change from 0 to 40427
[  296.863225][T10549] F2FS-fs (loop6): invalid crc value
[  296.885910][T10549] F2FS-fs (loop6): Found nat_bits in checkpoint
[  296.960567][T10549] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  297.117412][ T5835] usb 4-1: 0:2 : does not exist
[  297.539935][ T5835] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  297.565059][ T7747] bio_check_eod: 1 callbacks suppressed
[  297.565075][ T7747] syz-executor: attempt to access beyond end of device
[  297.565075][ T7747] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  297.612163][ T7747] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  297.658721][ T5835] usb 4-1: USB disconnect, device number 11
[  297.742960][ T5775] udevd[5775]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  298.022834][T10557] can0: slcan on ttyS3.
[  298.037157][T10556] loop6: detected capacity change from 0 to 2048
[  298.079815][T10556] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  298.096155][T10557] can0 (unregistered): slcan off ttyS3.
[  298.135516][T10556] ext4 filesystem being mounted at /201/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  298.197554][ T7747] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.387036][T10565] loop6: detected capacity change from 0 to 4096
[  298.418312][T10568] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  298.548229][    T8] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  298.755040][    T8] usb 4-1: Using ep0 maxpacket: 16
[  298.766058][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  298.777208][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  298.787149][    T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  298.800790][    T8] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  298.810197][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.820997][    T8] usb 4-1: config 0 descriptor??
[  299.243234][    T8] microsoft 0003:045E:07DA.000A: ignoring exceeding usage max
[  299.445564][    T8] microsoft 0003:045E:07DA.000A: No inputs registered, leaving
[  299.486356][    T8] microsoft 0003:045E:07DA.000A: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  299.515092][T10573] loop4: detected capacity change from 0 to 4096
[  299.528711][    T8] microsoft 0003:045E:07DA.000A: no inputs found
[  299.542588][    T8] microsoft 0003:045E:07DA.000A: could not initialize ff, continuing anyway
[  299.549475][T10573] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  299.603326][    T8] usb 4-1: USB disconnect, device number 12
[  299.609650][T10576] loop7: detected capacity change from 0 to 1024
[  299.622485][T10573] ntfs: (device loop4): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy.
[  299.659545][T10576] EXT4-fs: Ignoring removed oldalloc option
[  299.710137][T10573] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  299.739997][T10573] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  299.768679][T10576] EXT4-fs: Ignoring removed bh option
[  299.783196][T10576] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  299.801499][T10573] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  299.813832][T10579] fido_id[10579]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  299.833291][T10576] EXT4-fs (loop7): invalid inodes per group: 204800
[  299.833291][T10576] 
[  299.842505][T10573] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5).
[  299.908440][T10573] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  299.946632][T10573] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  300.010790][T10573] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  300.074953][T10573] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x200 because its location on disk could not be determined even after retrying (error code -5).
[  300.185616][T10573] ntfs: volume version 3.1.
[  301.141896][T10587] loop3: detected capacity change from 0 to 32768
[  301.202200][T10587] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  301.280072][T10591] loop4: detected capacity change from 0 to 32768
[  301.311292][T10587] XFS (loop3): Ending clean mount
[  301.316656][ T5835] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  301.337247][T10587] XFS (loop3): Quotacheck needed: Please wait.
[  301.398224][T10591] read_mapping_page failed!
[  301.403560][T10591] ERROR: (device loop4): txCommit: 
[  301.403560][T10591] 
[  301.411268][T10587] XFS (loop3): Quotacheck: Done.
[  301.528365][ T5835] usb 7-1: config 1 has an invalid descriptor of length 93, skipping remainder of the config
[  301.565094][ T5835] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  301.579919][ T5835] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  301.631580][ T8413] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  301.646121][ T5835] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  301.673779][ T5835] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.682662][ T5835] usb 7-1: Product: syz
[  301.687291][ T5835] usb 7-1: Manufacturer: syz
[  301.691952][ T5835] usb 7-1: SerialNumber: syz
[  301.712702][ T5835] cdc_ncm 7-1:1.0: invalid descriptor buffer length
[  301.726172][ T5835] cdc_ncm 7-1:1.0: CDC Union missing and no IAD found
[  301.743659][ T5835] cdc_ncm 7-1:1.0: bind() failure
[  301.951984][ T5835] usb 7-1: USB disconnect, device number 6
[  302.432547][T10615] loop7: detected capacity change from 0 to 32768
[  302.447458][T10615] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 scanned by syz.7.1387 (10615)
[  302.486894][T10615] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  302.517663][T10615] BTRFS info (device loop7): using crc32c (crc32c-intel) checksum algorithm
[  302.541007][T10615] BTRFS info (device loop7): metadata ratio 2
[  302.553882][T10615] BTRFS info (device loop7): allowing degraded mounts
[  302.583922][T10615] BTRFS info (device loop7): force zlib compression, level 3
[  302.624298][T10615] BTRFS info (device loop7): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  302.655817][T10615] BTRFS info (device loop7): use zstd compression, level 3
[  302.663211][T10615] BTRFS info (device loop7): force clearing of disk cache
[  302.705157][T10615] BTRFS info (device loop7): turning on flush-on-commit
[  302.752809][T10615] BTRFS warning (device loop7): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  302.807547][T10615] BTRFS info (device loop7): trying to use backup root at mount time
[  302.839734][T10632] loop4: detected capacity change from 0 to 128
[  302.863165][T10615] BTRFS info (device loop7): using free space tree
[  302.931308][T10632] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  302.948043][T10632] ext4 filesystem being mounted at /307/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  303.214225][T10615] BTRFS info (device loop7): enabling ssd optimizations
[  303.222430][ T6488] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  303.257553][T10615] BTRFS info (device loop7): rebuilding free space tree
[  303.449259][T10657] loop4: detected capacity change from 0 to 1024
[  303.475128][    T8] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  303.551626][ T9511] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  303.684883][    T8] usb 7-1: Using ep0 maxpacket: 32
[  303.753111][    T8] usb 7-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  303.762406][    T8] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.789594][    T8] usb 7-1: Product: syz
[  303.813181][    T8] usb 7-1: Manufacturer: syz
[  303.844222][    T8] usb 7-1: SerialNumber: syz
[  303.864470][    T8] usb 7-1: config 0 descriptor??
[  304.047670][T10665] loop3: detected capacity change from 0 to 4096
[  304.113338][    T8] RobotFuzz Open Source InterFace, OSIF 7-1:0.0: version d4.15 found at bus 007 address 007
[  304.284957][ T7035] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  304.374330][T10651] i2c i2c-1: adapter quirk: no zero length (addr 0x0000, size 0, read)
[  304.408718][ T5816] usb 7-1: USB disconnect, device number 7
[  304.498746][ T7035] usb 5-1: config 0 has an invalid interface number: 255 but max is 0
[  304.510043][ T7035] usb 5-1: config 0 has no interface number 0
[  304.523663][ T7035] usb 5-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  304.541020][ T7035] usb 5-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  304.561300][ T7035] usb 5-1: config 0 interface 255 has no altsetting 0
[  304.573611][ T7035] usb 5-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  304.594382][ T7035] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.614519][ T7035] usb 5-1: config 0 descriptor??
[  304.621947][ T7035] ums-realtek 5-1:0.255: USB Mass Storage device detected
[  304.795133][T10681] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1406'.
[  304.888606][ T7035] usb 5-1: USB disconnect, device number 7
[  304.938288][T10687] loop3: detected capacity change from 0 to 256
[  305.116379][T10691] loop7: detected capacity change from 0 to 736
[  305.728329][T10708] loop7: detected capacity change from 0 to 128
[  305.851938][T10708] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  305.945116][T10708] ext4 filesystem being mounted at /75/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  306.053990][T10708] fscrypt (loop7, inode 12): Unsupported encryption flags (0x71)
[  306.162850][ T9511] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  306.314915][ T5835] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  306.333942][T10729] loop7: detected capacity change from 0 to 512
[  306.381855][T10729] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.395706][T10729] ext4 filesystem being mounted at /76/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  306.511747][T10729] EXT4-fs error (device loop7): ext4_get_first_dir_block:3592: inode #12: block 32: comm syz.7.1425: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  306.536838][ T5835] usb 7-1: Using ep0 maxpacket: 32
[  306.556068][ T5835] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  306.571725][T10729] EXT4-fs (loop7): Remounting filesystem read-only
[  306.584026][ T5835] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  306.612405][ T5835] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  306.631839][ T5835] usb 7-1: Product: syz
[  306.646334][ T5835] usb 7-1: Manufacturer: syz
[  306.651006][ T5835] usb 7-1: SerialNumber: syz
[  306.686198][ T5835] usb 7-1: config 0 descriptor??
[  306.706540][T10719] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  306.716488][ T9511] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.732232][ T5835] hub 7-1:0.0: bad descriptor, ignoring hub
[  306.761436][ T5835] hub: probe of 7-1:0.0 failed with error -5
[  307.115581][   T27] usb 7-1: USB disconnect, device number 8
[  307.370948][T10737] loop4: detected capacity change from 0 to 32768
[  307.393632][T10737] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  307.425928][T10737] JBD2: Ignoring recovery information on journal
[  307.456976][T10754] loop3: detected capacity change from 0 to 1024
[  307.472846][T10754] EXT4-fs: Ignoring removed bh option
[  307.486090][T10737] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  307.529542][T10754] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  307.621525][T10754] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.661922][   T28] kauditd_printk_skb: 10 callbacks suppressed
[  307.661938][   T28] audit: type=1800 audit(1772069246.064:34): pid=10754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1438" name="file2" dev="loop3" ino=16 res=0 errno=0
[  307.729222][ T6488] ocfs2: Unmounting device (7,4) on (node local)
[  307.885622][ T8413] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.209461][T10768] loop6: detected capacity change from 0 to 128
[  308.291977][T10768] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  308.306883][T10773] loop4: detected capacity change from 0 to 64
[  308.329808][T10768] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  308.375314][   T28] audit: type=1800 audit(1772069246.774:35): pid=10768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1443" name="file1" dev="loop6" ino=12 res=0 errno=0
[  308.395781][    C0] vkms_vblank_simulate: vblank timer overrun
[  308.463508][ T7747] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  308.550512][T10775] loop3: detected capacity change from 0 to 1024
[  308.613528][T10775] hfsplus: invalid length 32517 has been corrected to 255
[  308.764117][ T1307] hfsplus: b-tree write err: -5, ino 4
[  308.865427][   T27] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  309.083132][   T27] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  309.101048][   T27] usb 7-1: New USB device found, idVendor=03da, idProduct=2820, bcdDevice=52.3c
[  309.111475][   T27] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.127350][   T27] usb 7-1: config 0 descriptor??
[  309.140854][   T27] usb 7-1: bad CDC descriptors
[  309.155157][ T5835] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  309.360948][   T27] usb 7-1: USB disconnect, device number 9
[  309.371881][ T5835] usb 5-1: Using ep0 maxpacket: 32
[  309.391662][ T5835] usb 5-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  309.406847][ T5835] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.418562][ T5835] usb 5-1: Product: syz
[  309.422786][ T5835] usb 5-1: Manufacturer: syz
[  309.435361][ T5835] usb 5-1: SerialNumber: syz
[  309.451668][ T5835] usb 5-1: config 0 descriptor??
[  309.573184][T10799] cgroup: Need name or subsystem set
[  309.652569][T10801] loop3: detected capacity change from 0 to 64
[  309.701059][ T5835] RobotFuzz Open Source InterFace, OSIF 5-1:0.0: version d4.15 found at bus 005 address 008
[  309.959338][T10785] i2c i2c-1: adapter quirk: no zero length (addr 0x0000, size 0, read)
[  309.977105][ T7035] usb 5-1: USB disconnect, device number 8
[  310.345103][   T27] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  310.471631][T10807] loop6: detected capacity change from 0 to 40427
[  310.501148][T10807] F2FS-fs (loop6): invalid crc value
[  310.517217][T10807] F2FS-fs (loop6): Found nat_bits in checkpoint
[  310.551882][   T27] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  310.596436][   T27] usb 4-1: config 0 interface 0 has no altsetting 0
[  310.644306][   T27] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  310.655858][   T27] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  310.673087][T10807] F2FS-fs (loop6): Start checkpoint disabled!
[  310.680522][   T27] usb 4-1: Product: syz
[  310.694462][T10807] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  310.694467][   T27] usb 4-1: Manufacturer: syz
[  310.753677][   T27] usb 4-1: SerialNumber: syz
[  310.784358][   T27] usb 4-1: config 0 descriptor??
[  310.810611][   T27] usb 4-1: selecting invalid altsetting 0
[  311.136685][ T1307] kworker/u4:8: attempt to access beyond end of device
[  311.136685][ T1307] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  311.192954][ T1307] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  311.259129][ T5816] usb 4-1: USB disconnect, device number 13
[  311.300974][T10819] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  311.478732][T10821] loop7: detected capacity change from 0 to 128
[  311.520571][T10821] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  311.551191][T10821] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  311.741487][T10816] loop4: detected capacity change from 0 to 32768
[  311.778704][T10816] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.1466 (10816)
[  311.860631][T10816] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  311.894943][T10816] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  311.918247][T10816] BTRFS info (device loop4): metadata ratio 2
[  311.928359][T10816] BTRFS info (device loop4): allowing degraded mounts
[  311.965667][T10816] BTRFS info (device loop4): force zlib compression, level 3
[  311.973159][T10816] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  311.989351][T10825] loop6: detected capacity change from 0 to 4096
[  312.020200][T10825] ntfs: (device loop6): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  312.041026][T10816] BTRFS info (device loop4): use zstd compression, level 3
[  312.064553][T10816] BTRFS info (device loop4): force clearing of disk cache
[  312.105952][T10816] BTRFS info (device loop4): turning on flush-on-commit
[  312.112991][T10816] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  312.150905][T10825] ntfs: (device loop6): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy.
[  312.206730][T10816] BTRFS info (device loop4): trying to use backup root at mount time
[  312.239424][T10825] ntfs: (device loop6): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  312.249379][T10816] BTRFS info (device loop4): using free space tree
[  312.256919][T10825] ntfs: (device loop6): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  312.317501][T10825] ntfs: (device loop6): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  312.326618][T10825] ntfs: (device loop6): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5).
[  312.347883][T10825] ntfs: (device loop6): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  312.357806][T10825] ntfs: (device loop6): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  312.388470][T10837] netlink: 104 bytes leftover after parsing attributes in process `syz.7.1473'.
[  312.432264][T10816] BTRFS info (device loop4): enabling ssd optimizations
[  312.443376][T10825] ntfs: volume version 3.1.
[  312.524295][T10816] BTRFS info (device loop4): rebuilding free space tree
[  312.547433][T10851] loop3: detected capacity change from 0 to 128
[  312.678657][T10851] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  312.718214][T10851] ext4 filesystem being mounted at /153/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  312.797691][T10851] fscrypt (loop3, inode 12): Unsupported encryption flags (0x10)
[  312.898946][ T8413] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  313.083160][ T6488] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  313.775039][T10877] loop4: detected capacity change from 0 to 64
[  313.886235][   T28] kauditd_printk_skb: 11 callbacks suppressed
[  313.886250][   T28] audit: type=1800 audit(1772069252.294:36): pid=10877 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1485" name="file1" dev="loop4" ino=21 res=0 errno=0
[  314.897302][T10879] loop6: detected capacity change from 0 to 40427
[  314.973247][T10879] F2FS-fs (loop6): Found nat_bits in checkpoint
[  315.034898][   T27] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  315.110062][T10879] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  315.235303][   T27] usb 5-1: Using ep0 maxpacket: 16
[  315.250107][   T27] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  315.272155][ T7747] syz-executor: attempt to access beyond end of device
[  315.272155][ T7747] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  315.299815][   T27] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  315.312940][ T7747] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  315.316010][   T27] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.336096][   T27] usb 5-1: Product: syz
[  315.340487][   T27] usb 5-1: Manufacturer: syz
[  315.364793][   T27] usb 5-1: SerialNumber: syz
[  315.378423][   T27] usb 5-1: config 0 descriptor??
[  315.394521][   T27] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  315.408343][   T27] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  315.754583][T10901] loop7: detected capacity change from 0 to 32768
[  315.807339][T10908] loop3: detected capacity change from 0 to 32768
[  315.829830][T10901] 
[  315.829830][T10901]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  315.829830][T10901] 
[  315.936954][T10901] ERROR: (device loop7): diWrite: ixpxd invalid
[  315.936954][T10901] 
[  315.949391][T10908] overlayfs: upper fs needs to support d_type.
[  315.969487][T10908] overlayfs: upper fs does not support tmpfile.
[  316.008096][T10908] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  316.016620][T10901] ERROR: (device loop7): txCommit: 
[  316.016620][T10901] 
[  316.030536][   T27] em28xx 5-1:0.0: chip ID is em2800
[  316.057655][T10901] 
[  316.057655][T10901]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  316.057655][T10901] 
[  316.078216][T10908] ERROR: (device loop3): dbAlloc: the hint is outside the map
[  316.078216][T10908] 
[  316.112493][T10901] 
[  316.112493][T10901]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  316.112493][T10901] 
[  316.127518][T10908] ERROR: (device loop3): remounting filesystem as read-only
[  316.167112][T10901] ERROR: (device loop7): diWrite: ixpxd invalid
[  316.167112][T10901] 
[  316.176803][T10908] overlayfs: failed to set uuid (/file0, err=-5); falling back to uuid=null.
[  316.229911][T10901] ERROR: (device loop7): txCommit: 
[  316.229911][T10901] 
[  316.338383][   T27] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  316.352265][ T9511] ERROR: (device loop7): diFree: wmap shows inode already free
[  316.352265][ T9511] 
[  316.376783][   T27] em28xx 5-1:0.0: board has no eeprom
[  316.377249][ T9511] 
[  316.377249][ T9511]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  316.377249][ T9511] 
[  316.420309][ T9511] 
[  316.420309][ T9511]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  316.420309][ T9511] 
[  316.475151][   T27] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  316.483071][   T27] em28xx 5-1:0.0: dvb set to bulk mode.
[  316.493657][ T5813] em28xx 5-1:0.0: Binding DVB extension
[  316.533743][   T27] usb 5-1: USB disconnect, device number 9
[  316.550903][   T27] em28xx 5-1:0.0: Disconnecting em28xx
[  316.663524][ T5813] em28xx 5-1:0.0: Registering input extension
[  316.683707][   T27] em28xx 5-1:0.0: Closing input extension
[  316.805849][   T27] em28xx 5-1:0.0: Freeing device
[  316.886843][T10917] loop7: detected capacity change from 0 to 64
[  317.189323][T10925] pim6reg: entered allmulticast mode
[  317.269714][T10924] pim6reg: left allmulticast mode
[  317.306583][T10928] loop4: detected capacity change from 0 to 16
[  317.362087][T10928] erofs: (device loop4): mounted with root inode @ nid 36.
[  317.400713][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  317.416113][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  317.428423][T10931] loop6: detected capacity change from 0 to 128
[  317.541035][    C0] operation not supported error, dev loop6, sector 32 op 0x9:(WRITE_ZEROES) flags 0x8000800 phys_seg 0 prio class 2
[  318.161723][T10948] loop6: detected capacity change from 0 to 2048
[  318.238051][T10953] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  318.346981][T10953] NILFS (loop6): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  318.407347][T10953] NILFS error (device loop6): nilfs_bmap_propagate: broken bmap (inode number=4)
[  318.510774][T10953] Remounting filesystem read-only
[  318.535209][   T33] NILFS (loop6): discard dirty page: offset=4096, ino=6
[  318.562672][   T33] NILFS (loop6): discard dirty block: blocknr=39, size=1024
[  318.578996][T10960] program syz.4.1521 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  318.595444][   T33] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  318.628557][   T33] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  318.661284][   T33] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  318.683703][   T33] NILFS (loop6): discard dirty page: offset=0, ino=2
[  318.712482][   T33] NILFS (loop6): discard dirty block: blocknr=18, size=1024
[  318.732383][   T33] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  318.772078][   T33] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  318.791413][   T33] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  318.812234][   T33] NILFS (loop6): discard dirty page: offset=0, ino=5
[  318.854830][   T33] NILFS (loop6): discard dirty block: blocknr=41, size=1024
[  318.864999][   T33] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  318.873915][   T33] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  318.929424][   T33] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  318.949757][T10967] loop3: detected capacity change from 0 to 512
[  318.956689][T10948] NILFS (loop6): mounting fs with errors
[  318.976510][T10948] NILFS error (device loop6): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  319.004471][T10967] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  319.024261][T10948] Remounting filesystem read-only
[  319.053915][T10967] EXT4-fs (loop3): orphan cleanup on readonly fs
[  319.061250][T10948] NILFS (loop6): error -5 reading inode: ino=18
[  319.078094][T10967] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:512: comm syz.3.1525: Block bitmap for bg 0 marked uninitialized
[  319.094968][T10948] NILFS (loop6): cannot mark inode dirty (ino=18): error -5 loading inode block
[  319.155601][T10967] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6653: Corrupt filesystem
[  319.201358][ T7747] NILFS (loop6): disposed unprocessed dirty file(s) when stopping log writer
[  319.201649][T10967] EXT4-fs (loop3): 1 orphan inode deleted
[  319.216686][ T7747] NILFS (loop6): discard dirty page: offset=0, ino=6
[  319.223443][ T7747] NILFS (loop6): discard dirty block: blocknr=35, size=1024
[  319.234295][ T7747] NILFS (loop6): discard dirty block: blocknr=36, size=1024
[  319.239472][T10967] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  319.247480][ T7747] NILFS (loop6): discard dirty block: blocknr=37, size=1024
[  319.269407][ T7747] NILFS (loop6): discard dirty block: blocknr=38, size=1024
[  319.278765][ T7747] NILFS (loop6): discard dirty page: offset=0, ino=4
[  319.316499][ T7747] NILFS (loop6): discard dirty block: blocknr=40, size=1024
[  319.344354][ T7747] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  319.364617][ T7747] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  319.383509][ T7747] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  319.384093][T10967] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  319.405460][ T7747] NILFS (loop6): discard dirty page: offset=0, ino=3
[  319.412205][ T7747] NILFS (loop6): discard dirty block: blocknr=42, size=1024
[  319.420647][ T7747] NILFS (loop6): discard dirty block: blocknr=43, size=1024
[  319.430724][T10967] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  319.441806][ T7747] NILFS (loop6): discard dirty block: blocknr=44, size=1024
[  319.450473][ T7747] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  319.460086][ T5813] usb 5-1: new low-speed USB device number 10 using dummy_hcd
[  319.472464][ T7747] NILFS (loop6): discard dirty page: offset=196608, ino=3
[  319.480666][ T7747] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  319.490024][ T7747] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  319.491994][T10967] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:512: comm syz.3.1525: Block bitmap for bg 0 marked uninitialized
[  319.499074][ T7747] NILFS (loop6): discard dirty block: blocknr=49, size=1024
[  319.499097][ T7747] NILFS (loop6): discard dirty block: blocknr=18446744073709551615, size=1024
[  319.564539][T10976] tun0: tun_chr_ioctl cmd 1074025692
[  319.592646][T10979] loop6: detected capacity change from 0 to 1024
[  319.611631][T10979] hfsplus: invalid length 32517 has been corrected to 255
[  319.666775][ T5813] usb 5-1: config 0 has no interfaces?
[  319.672341][ T5813] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  319.701921][ T5813] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.727909][ T8413] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.729132][ T5813] usb 5-1: config 0 descriptor??
[  319.763385][  T158] hfsplus: b-tree write err: -5, ino 4
[  319.987433][    T8] usb 5-1: USB disconnect, device number 10
[  320.012063][T10989] loop7: detected capacity change from 0 to 64
[  320.026812][T10985] loop3: detected capacity change from 0 to 1024
[  320.044095][T10989] BFS-fs: bfs_readdir(): Bad f_pos=00000049 for loop7:00000002
[  320.111326][T10985] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  320.158617][T10985] ext4 filesystem being mounted at /170/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  320.325744][T10985] EXT4-fs (loop3): Online resizing not supported with bigalloc
[  320.451910][ T8413] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  320.642987][T11004] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1537'.
[  320.770657][T11007] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1539'.
[  321.000650][T11015] loop3: detected capacity change from 0 to 128
[  321.028273][T10995] loop7: detected capacity change from 0 to 32768
[  321.043023][T11015] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  321.092867][T11025] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  321.096268][T10995] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  321.160805][T11015] ext4 filesystem being mounted at /173/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  321.173132][T11028] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1544'.
[  321.200815][T11025] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  321.272792][T11015] fscrypt (loop3, inode 12): Mutually exclusive encryption flags (0x0c)
[  321.288134][T11033] option changes via remount are deprecated (pid=11032 comm=syz.4.1545)
[  321.320458][T11033] cgroup: option or name mismatch, new: 0x0 "nofavordynmods", old: 0x0 ""
[  321.329255][T10995] XFS (loop7): Ending clean mount
[  321.375443][T10995] XFS (loop7): Quotacheck needed: Please wait.
[  321.552226][ T7747] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  321.563076][ T8413] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  321.599928][T10995] XFS (loop7): Quotacheck: Done.
[  321.964967][ T9511] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  322.051673][T11044] set_capacity_and_notify: 1 callbacks suppressed
[  322.051690][T11044] loop6: detected capacity change from 0 to 512
[  322.117740][T11044] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  322.136633][T11044] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  322.186165][T11044] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  322.252122][T11044] System zones: 0-2, 18-18, 34-35
[  322.312852][T11044] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  322.467360][T11044] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended
[  322.531513][T11044] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  322.540623][T11044] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  322.596460][T11051] loop4: detected capacity change from 0 to 512
[  322.634160][T11051] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  322.676581][T11044] EXT4-fs error (device loop6): ext4_validate_block_bitmap:439: comm syz.6.1551: bg 0: block 353: padding at end of block bitmap is not set
[  322.706408][T11051] EXT4-fs (loop4): orphan cleanup on readonly fs
[  322.740854][T11051] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:512: comm syz.4.1553: Block bitmap for bg 0 marked uninitialized
[  322.816614][T11051] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6653: Corrupt filesystem
[  322.859264][T11051] EXT4-fs (loop4): 1 orphan inode deleted
[  322.876327][T11051] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  322.904095][ T7747] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.013762][T11051] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  323.029678][T11058] loop7: detected capacity change from 0 to 64
[  323.042060][T11051] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  323.076972][T11051] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:512: comm syz.4.1553: Block bitmap for bg 0 marked uninitialized
[  323.191869][ T6488] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.609029][T11073] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1561'.
[  323.635226][T11074] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1562'.
[  323.833562][ T5081] block nbd0: Receive control failed (result -22)
[  323.847309][T11078] nbd0: detected capacity change from 0 to 32
[  323.872638][   T24] block nbd0: Dead connection, failed to find a fallback
[  323.882446][   T24] block nbd0: shutting down sockets
[  323.888370][   T24] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  323.899700][   T24] Buffer I/O error on dev nbd0, logical block 0, async page read
[  323.931218][   T24] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  323.940631][   T24] Buffer I/O error on dev nbd0, logical block 0, async page read
[  323.951854][   T24] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  323.961729][   T24] Buffer I/O error on dev nbd0, logical block 0, async page read
[  323.970318][   T24] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  323.979864][   T24] Buffer I/O error on dev nbd0, logical block 0, async page read
[  323.988156][   T24] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  323.997431][   T24] Buffer I/O error on dev nbd0, logical block 0, async page read
[  324.005801][   T24] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  324.030399][   T24] Buffer I/O error on dev nbd0, logical block 0, async page read
[  324.038529][   T24] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  324.047684][   T24] Buffer I/O error on dev nbd0, logical block 0, async page read
[  324.055702][   T24] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  324.065195][   T24] Buffer I/O error on dev nbd0, logical block 0, async page read
[  324.073038][ T5775] ldm_validate_partition_table(): Disk read failed.
[  324.080168][   T24] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  324.089306][   T24] Buffer I/O error on dev nbd0, logical block 0, async page read
[  324.120152][   T97] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  324.130156][   T97] Buffer I/O error on dev nbd0, logical block 0, async page read
[  324.144541][ T5775] Dev nbd0: unable to read RDB block 0
[  324.187551][ T5775]  nbd0: unable to read partition table
[  324.203040][ T5775] ldm_validate_partition_table(): Disk read failed.
[  324.212566][ T5775] Dev nbd0: unable to read RDB block 0
[  324.219654][ T5775]  nbd0: unable to read partition table
[  324.241529][ T5775] ldm_validate_partition_table(): Disk read failed.
[  324.248968][ T5775] Dev nbd0: unable to read RDB block 0
[  324.255590][ T5775]  nbd0: unable to read partition table
[  324.272521][ T5775] ldm_validate_partition_table(): Disk read failed.
[  324.280787][ T5775] Dev nbd0: unable to read RDB block 0
[  324.287367][ T5775]  nbd0: unable to read partition table
[  324.552963][T11068] loop6: detected capacity change from 0 to 32768
[  324.605626][T11095] loop3: detected capacity change from 0 to 512
[  324.625793][T11068] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  324.676102][T11107] loop4: detected capacity change from 0 to 24
[  324.683808][T11107] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  324.722894][T11107] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  324.781320][T11068] XFS (loop6): Ending clean mount
[  324.812216][T11068] XFS (loop6): Quotacheck needed: Please wait.
[  324.820449][T11095] EXT4-fs (loop3): 1 orphan inode deleted
[  324.848023][T11095] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.849305][ T8507] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  324.885194][T11095] ext4 filesystem being mounted at /182/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  324.918125][ T8507] EXT4-fs error (device loop3): ext4_release_dquot:6985: comm kworker/u4:9: Failed to release dquot type 1
[  324.973014][T11068] XFS (loop6): Quotacheck: Done.
[  325.133552][T11112] loop4: detected capacity change from 0 to 4096
[  325.200560][ T7747] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  325.228357][ T8413] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.614239][T11120] loop7: detected capacity change from 0 to 7
[  325.740880][T11116] loop3: detected capacity change from 0 to 8192
[  325.786833][T11116] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  325.794979][T11120] ldm_validate_partition_table(): Disk read failed.
[  325.838813][T11120] Dev loop7: unable to read RDB block 0
[  325.859741][   T28] audit: type=1800 audit(1772069264.264:37): pid=11116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1578" name="file1" dev="loop3" ino=1048659 res=0 errno=0
[  325.880650][    C1] vkms_vblank_simulate: vblank timer overrun
[  325.902780][T11120]  loop7: unable to read partition table
[  325.916084][T11120] loop7: partition table beyond EOD, truncated
[  325.945033][T11120] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õÖ�˜Èµ4FLQkÝŠ5) failed (rc=-5)
[  326.320439][T11134] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1585'.
[  326.348075][T11131] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  326.471762][T11137] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  326.673290][ T8413] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.060492][T11154] set_capacity_and_notify: 2 callbacks suppressed
[  327.060509][T11154] loop7: detected capacity change from 0 to 1024
[  327.277401][T11158] program syz.6.1596 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  328.085379][   T27] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  328.172873][T11190] bond0: entered promiscuous mode
[  328.181762][T11190] bond_slave_0: entered promiscuous mode
[  328.189864][T11190] bond_slave_1: entered promiscuous mode
[  328.203429][T11190] batadv0: entered promiscuous mode
[  328.211416][T11192] loop7: detected capacity change from 0 to 7
[  328.220734][T11190] 8021q: adding VLAN 0 to HW filter on device hsr1
[  328.227652][ T5775] ldm_validate_partition_table(): Disk read failed.
[  328.237927][ T5775] Dev loop7: unable to read RDB block 0
[  328.244903][ T5775]  loop7: unable to read partition table
[  328.250837][ T5775] loop7: partition table beyond EOD, truncated
[  328.259468][T11190] bond0: left promiscuous mode
[  328.264631][T11190] bond_slave_0: left promiscuous mode
[  328.272479][T11190] bond_slave_1: left promiscuous mode
[  328.280366][T11190] batadv0: left promiscuous mode
[  328.318276][   T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  328.329292][   T27] usb 4-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00
[  328.338462][   T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.352995][T11192] ldm_validate_partition_table(): Disk read failed.
[  328.360986][   T27] usb 4-1: config 0 descriptor??
[  328.372045][T11192] Dev loop7: unable to read RDB block 0
[  328.378473][T11192]  loop7: unable to read partition table
[  328.384622][T11192] loop7: partition table beyond EOD, truncated
[  328.391189][T11192] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õÖ�˜Èµ4FLQkÝŠ5) failed (rc=-5)
[  328.898847][T11204] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1618'.
[  329.016875][   T27] razer 0003:1532:010E.000B: hidraw0: USB HID v0.00 Device [HID 1532:010e] on usb-dummy_hcd.3-1/input0
[  329.235949][T11218] loop7: detected capacity change from 0 to 7
[  329.267634][    C0] blk_print_req_error: 122 callbacks suppressed
[  329.267651][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.283202][    C0] buffer_io_error: 122 callbacks suppressed
[  329.283216][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  329.311418][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.316524][ T5813] usb 4-1: USB disconnect, device number 14
[  329.320715][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  329.379605][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.388954][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  329.398890][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.408148][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  329.420400][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.429708][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  329.439437][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.448714][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  329.457462][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.466712][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  329.475505][T11218] ldm_validate_partition_table(): Disk read failed.
[  329.484778][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.494045][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  329.502461][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.511738][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  329.521216][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.530480][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  329.542868][T11218] Dev loop7: unable to read RDB block 0
[  329.556844][T11218]  loop7: unable to read partition table
[  329.563114][T11218] loop7: partition table beyond EOD, truncated
[  329.582300][T11218] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õÖ�˜Èµ4FLQkÝŠ5) failed (rc=-5)
[  329.852879][T11230] loop4: detected capacity change from 0 to 1024
[  330.070064][  T158] hfsplus: b-tree write err: -5, ino 4
[  331.012478][T11236] loop6: detected capacity change from 0 to 32768
[  331.066195][T11236] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  331.220505][T11236] XFS (loop6): Ending clean mount
[  331.277128][T11236] XFS (loop6): Quotacheck needed: Please wait.
[  331.388244][T11277] loop4: detected capacity change from 0 to 64
[  331.468495][T11279] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1644'.
[  331.496011][T11279] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1644'.
[  331.535069][T11236] XFS (loop6): Quotacheck: Done.
[  331.728515][T11282] vcan0: tx address claim with dlc 0
[  331.739425][T11284] loop3: detected capacity change from 0 to 512
[  331.749250][T11284] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  331.774420][ T7747] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  331.810867][T11284] EXT4-fs (loop3): 1 truncate cleaned up
[  331.837469][T11284] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.894545][T11284] EXT4-fs error (device loop3): ext4_find_dest_de:2115: inode #2: block 13: comm syz.3.1647: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  331.925373][T11284] EXT4-fs (loop3): Remounting filesystem read-only
[  331.989521][ T8413] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.393898][T11302] relay: one or more items not logged [item size (56) > sub-buffer size (5)]
[  332.403350][T11304] loop3: detected capacity change from 0 to 512
[  332.474403][T11304] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.664315][ T8413] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.822403][T11315] loop3: detected capacity change from 0 to 256
[  332.884365][T11315] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  332.948099][T11317] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1662'.
[  334.228386][T11326] loop4: detected capacity change from 0 to 40427
[  334.261306][T11326] F2FS-fs (loop4): invalid crc value
[  334.270627][T11326] F2FS-fs (loop4): Found nat_bits in checkpoint
[  334.315573][T11348] loop6: detected capacity change from 0 to 16
[  334.332092][T11348] erofs: (device loop6): mounted with root inode @ nid 36.
[  334.498104][T11326] F2FS-fs (loop4): Start checkpoint disabled!
[  334.548004][T11326] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  334.959933][ T8507] kworker/u4:9: attempt to access beyond end of device
[  334.959933][ T8507] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  334.998651][ T8507] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  335.012412][ T8507] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  335.612389][T11376] sock: sock_set_timeout: `syz.3.1685' (pid 11376) tries to set negative timeout
[  335.658135][T11375] netlink: 332 bytes leftover after parsing attributes in process `syz.4.1677'.
[  335.860707][T11383] UHID_CREATE from different security context by process 833 (syz.4.1688), this is not allowed.
[  335.958182][T11380] loop3: detected capacity change from 0 to 4096
[  335.977274][T11380] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  336.585034][ T5835] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  336.784833][ T5835] usb 4-1: Using ep0 maxpacket: 32
[  336.808081][ T5835] usb 4-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  336.817293][ T5835] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.845942][ T5835] usb 4-1: config 0 descriptor??
[  336.868830][ T5835] gspca_main: sq930x-2.14.0 probing 041e:403c
[  336.944486][T11400] loop7: detected capacity change from 0 to 32768
[  336.966682][T11400] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  337.011815][T11400] XFS (loop7): Ending clean mount
[  337.158067][ T9511] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  337.524979][ T5835] gspca_sq930x: reg_w 0305 fd00 failed -71
[  337.531092][ T5835] sq930x: probe of 4-1:0.0 failed with error -71
[  337.559076][ T5835] usb 4-1: USB disconnect, device number 15
[  337.763897][T11415] loop4: detected capacity change from 0 to 32768
[  337.777367][T11411] loop6: detected capacity change from 0 to 40427
[  337.805574][T11411] F2FS-fs (loop6): invalid crc value
[  337.836081][T11411] F2FS-fs (loop6): Found nat_bits in checkpoint
[  337.958370][T11411] F2FS-fs (loop6): Start checkpoint disabled!
[  338.002843][T11411] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  338.378395][  T158] kworker/u4:6: attempt to access beyond end of device
[  338.378395][  T158] loop6: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  338.430266][  T158] kworker/u4:6: attempt to access beyond end of device
[  338.430266][  T158] loop6: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  338.449131][  T158] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  338.457250][  T158] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  338.474047][  T158] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  338.679607][ T7035] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  338.695519][ T5835] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  338.887446][ T7035] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  338.899299][ T5835] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  338.907733][ T7035] usb 4-1: config 0 interface 0 has no altsetting 0
[  338.914671][ T5835] usb 5-1: config 0 has no interface number 0
[  338.922437][ T7035] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  338.935181][ T5835] usb 5-1: config 0 interface 1 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  338.942638][ T7035] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  338.960121][ T7035] usb 4-1: Product: syz
[  338.962534][ T5835] usb 5-1: config 0 interface 1 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  338.964481][ T7035] usb 4-1: Manufacturer: syz
[  338.980316][ T7035] usb 4-1: SerialNumber: syz
[  338.995213][ T5835] usb 5-1: config 0 interface 1 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  338.998138][ T7035] usb 4-1: config 0 descriptor??
[  339.018498][ T5835] usb 5-1: config 0 interface 1 has no altsetting 0
[  339.030885][ T5835] usb 5-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[  339.041835][ T5835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.057322][ T7035] usb 4-1: selecting invalid altsetting 0
[  339.073249][ T5835] usb 5-1: config 0 descriptor??
[  339.263858][ T7035] usb 4-1: USB disconnect, device number 16
[  339.715143][ T5835] uclogic 0003:145F:0212.000C: pen parameters not found
[  339.736144][ T5835] uclogic 0003:145F:0212.000C: interface is invalid, ignoring
[  339.979947][ T5813] usb 5-1: USB disconnect, device number 11
[  340.113541][T11444] loop7: detected capacity change from 0 to 32768
[  340.144848][ T5835] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  340.216841][   T28] audit: type=1800 audit(1772069278.614:38): pid=11444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1709" name="file1" dev="loop7" ino=4 res=0 errno=0
[  340.258813][T11444] syz.7.1709: attempt to access beyond end of device
[  340.258813][T11444] loop7: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[  340.292291][T11444] metapage_write_end_io: I/O error
[  340.314943][T11444] ERROR: (device loop7): diWrite: ixpxd invalid
[  340.314943][T11444] 
[  340.344845][T11444] ERROR: (device loop7): remounting filesystem as read-only
[  340.355075][T11444] ERROR: (device loop7): txCommit: 
[  340.355075][T11444] 
[  340.363623][ T5835] usb 7-1: Using ep0 maxpacket: 32
[  340.397597][T11444] blkno = 8ed2c, nblocks = 1
[  340.402807][T11444] ERROR: (device loop7): dbUpdatePMap: blocks are outside the map
[  340.402807][T11444] 
[  340.428078][ T5835] usb 7-1: unable to get BOS descriptor or descriptor too short
[  340.436390][ T5835] usb 7-1: too many configurations: 245, using maximum allowed: 8
[  340.460800][ T5835] usb 7-1: unable to read config index 0 descriptor/start: -71
[  340.468716][ T5835] usb 7-1: can't read configurations, error -71
[  340.493521][T11444] ERROR: (device loop7): dbAllocBits: leaf page corrupt
[  340.493521][T11444] 
[  340.504053][T11444] syz.7.1709: attempt to access beyond end of device
[  340.504053][T11444] loop7: rw=34817, sector=4683776, nr_sectors = 4 limit=32768
[  340.525746][T11444] syz.7.1709: attempt to access beyond end of device
[  340.525746][T11444] loop7: rw=34817, sector=4683780, nr_sectors = 2048 limit=32768
[  340.540639][T11444] syz.7.1709: attempt to access beyond end of device
[  340.540639][T11444] loop7: rw=34817, sector=4685828, nr_sectors = 516 limit=32768
[  340.567029][  T113] blkno = 8ed2c, nblocks = 4
[  340.571691][  T113] ERROR: (device loop7): dbUpdatePMap: blocks are outside the map
[  340.571691][  T113] 
[  340.582164][  T113] blkno = 8ef00, nblocks = 141
[  340.589392][  T113] ERROR: (device loop7): dbFree: block to be freed is outside the map
[  340.589392][  T113] 
[  340.761068][T11450] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  340.820060][T11450] overlayfs: overlapping lowerdir path
[  341.292861][T11464] loop4: detected capacity change from 0 to 512
[  341.353833][T11464] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  341.486690][T11473] loop3: detected capacity change from 0 to 256
[  341.501882][T11473] exfat: Deprecated parameter 'namecase'
[  341.551201][T11473] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  341.600807][ T6488] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.847886][T11476] loop6: detected capacity change from 0 to 32768
[  341.907966][T11476] JBD2: Ignoring recovery information on journal
[  341.962354][T11476] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  341.972642][T11483] loop3: detected capacity change from 0 to 128
[  342.050667][   T28] audit: type=1800 audit(1772069280.454:39): pid=11483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1726" name="file1" dev="loop3" ino=1048661 res=0 errno=0
[  342.154493][T11476] OCFS2: ERROR (device loop6): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature 
[  342.172055][T11476] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  342.182024][T11476] OCFS2: File system is now read-only.
[  342.187731][T11476] (syz.6.1723,11476,0):ocfs2_find_entry_dx:1029 ERROR: status = -30
[  342.205592][T11476] OCFS2: ERROR (device loop6): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature 
[  342.222284][T11476] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  342.232488][T11476] (syz.6.1723,11476,0):ocfs2_find_entry_dx:1029 ERROR: status = -30
[  342.240668][T11476] (syz.6.1723,11476,0):ocfs2_mknod:502 ERROR: status = -30
[  342.248071][T11476] (syz.6.1723,11476,0):ocfs2_create:676 ERROR: status = -30
[  342.394028][ T7747] ocfs2: Unmounting device (7,6) on (node local)
[  342.430589][T11488] loop3: detected capacity change from 0 to 256
[  342.477219][T11488] exfat: Deprecated parameter 'utf8'
[  342.482595][T11488] exfat: Deprecated parameter 'utf8'
[  342.521341][T11488] exfat: Deprecated parameter 'utf8'
[  342.638921][T11488] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  343.245039][ T5813] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  343.434863][ T5813] usb 4-1: Using ep0 maxpacket: 32
[  343.446011][ T5813] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  343.464809][ T5813] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.485992][ T5813] usb 4-1: config 0 descriptor??
[  343.499564][T11513] loop6: detected capacity change from 0 to 32768
[  343.533083][T11513] JBD2: Ignoring recovery information on journal
[  343.599813][T11513] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  343.705010][ T5813] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  343.717079][ T5813] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  343.730316][ T5813] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  343.744490][ T5813] usb 4-1: media controller created
[  343.789317][ T7747] ocfs2: Unmounting device (7,6) on (node local)
[  343.810574][ T5813] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  343.922410][ T5813] az6027: usb out operation failed. (-71)
[  343.940632][ T5813] az6027: usb out operation failed. (-71)
[  343.974834][ T5813] stb0899_attach: Driver disabled by Kconfig
[  343.980936][ T5813] az6027: no front-end attached
[  343.980936][ T5813] 
[  344.025119][ T5813] az6027: usb out operation failed. (-71)
[  344.030943][ T5813] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  344.066781][ T5813] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input22
[  344.114452][ T5813] dvb-usb: schedule remote query interval to 400 msecs.
[  344.152312][ T5813] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  344.188226][ T5813] usb 4-1: USB disconnect, device number 17
[  344.404086][ T5813] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  345.238557][   T12] kworker/u4:1: attempt to access beyond end of device
[  345.238557][   T12] loop7: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[  345.284804][   T12] metapage_write_end_io: I/O error
[  345.290842][   T12] JFS: metapage_get_blocks failed
[  345.318922][   T12] JFS: metapage_get_blocks failed
[  345.844958][   T27] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  346.067637][   T27] usb 5-1: Using ep0 maxpacket: 8
[  346.087131][   T27] usb 5-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  346.105706][   T27] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.113909][   T27] usb 5-1: Product: syz
[  346.134888][   T27] usb 5-1: Manufacturer: syz
[  346.139561][   T27] usb 5-1: SerialNumber: syz
[  346.155881][   T27] usb 5-1: config 0 descriptor??
[  346.393642][   T27] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  346.644229][T11578] netlink: 132 bytes leftover after parsing attributes in process `syz.7.1766'.
[  347.002174][   T27] gspca_sunplus: reg_w_riv err -71
[  347.014873][   T27] sunplus: probe of 5-1:0.0 failed with error -71
[  347.040757][   T27] usb 5-1: USB disconnect, device number 12
[  347.734539][T11596] syzkaller1: tun_chr_ioctl cmd 1074025694
[  348.927098][T11628] netlink: 201392 bytes leftover after parsing attributes in process `syz.3.1789'.
[  348.963092][T11628] netlink: zone id is out of range
[  348.985132][T11628] netlink: zone id is out of range
[  349.004969][T11628] netlink: zone id is out of range
[  349.018483][T11628] netlink: zone id is out of range
[  349.033880][T11628] netlink: zone id is out of range
[  349.044820][T11628] netlink: zone id is out of range
[  349.064860][T11628] netlink: zone id is out of range
[  349.094832][T11628] netlink: zone id is out of range
[  349.100041][T11628] netlink: zone id is out of range
[  349.124893][T11628] netlink: zone id is out of range
[  349.750420][T11630] loop4: detected capacity change from 0 to 32768
[  349.801370][T11630] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  349.834522][T11649] loop6: detected capacity change from 0 to 256
[  349.904108][T11630] XFS (loop4): Ending clean mount
[  349.959113][T11649] FAT-fs (loop6): Directory bread(block 64) failed
[  350.023727][T11649] FAT-fs (loop6): Directory bread(block 65) failed
[  350.054915][T11649] FAT-fs (loop6): Directory bread(block 66) failed
[  350.061567][T11649] FAT-fs (loop6): Directory bread(block 67) failed
[  350.095342][T11655] netlink: 548 bytes leftover after parsing attributes in process `syz.7.1798'.
[  350.105769][T11649] FAT-fs (loop6): Directory bread(block 68) failed
[  350.112404][T11649] FAT-fs (loop6): Directory bread(block 69) failed
[  350.165850][T11649] FAT-fs (loop6): Directory bread(block 70) failed
[  350.195123][T11649] FAT-fs (loop6): Directory bread(block 71) failed
[  350.216364][T11649] FAT-fs (loop6): Directory bread(block 72) failed
[  350.228050][ T6488] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  350.247211][T11649] FAT-fs (loop6): Directory bread(block 73) failed
[  350.363236][   T11] JFS: metapage_get_blocks failed
[  350.699665][T11659] Falling back ldisc for ttyS3.
[  350.717594][T11638] loop3: detected capacity change from 0 to 40427
[  350.745692][T11638] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  350.789868][T11638] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  350.816264][T11638] F2FS-fs (loop3): invalid crc value
[  350.888150][T11638] F2FS-fs (loop3): Found nat_bits in checkpoint
[  351.047440][T11638] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  351.054646][T11638] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  351.335453][T11679] pimreg: tun_chr_ioctl cmd 1077974060
[  351.969790][T11695] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1816'.
[  351.986213][T11695] netlink: 'syz.7.1816': attribute type 18 has an invalid length.
[  351.994266][T11695] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1816'.
[  352.775324][T11699] loop4: detected capacity change from 0 to 40427
[  352.794927][T11699] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[  352.802041][T11699] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  352.817202][T11712] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1821'.
[  352.829324][T11699] F2FS-fs (loop4): Found nat_bits in checkpoint
[  352.890664][T11699] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  352.908077][T11699] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  353.313556][T11723] loop6: detected capacity change from 0 to 4096
[  353.361474][T11723] NILFS (loop6): invalid segment: Checksum error in segment payload
[  353.394791][T11723] NILFS (loop6): trying rollback from an earlier position
[  353.448899][T11723] NILFS (loop6): recovery complete
[  353.467916][T11726] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  353.617935][ T6488] syz-executor: attempt to access beyond end of device
[  353.617935][ T6488] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  353.664086][ T6488] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  353.895294][T11733] loop3: detected capacity change from 0 to 256
[  353.993392][T11735] loop6: detected capacity change from 0 to 512
[  354.030616][T11735] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  354.248857][ T7747] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.665632][T11747] bond0: (slave bond_slave_0): Releasing backup interface
[  354.729005][T11747] team0: Port device bond_slave_0 added
[  354.754273][T11747] net_ratelimit: 56 callbacks suppressed
[  354.754291][T11747] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  355.205014][ T7035] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  355.308972][T11767] loop4: detected capacity change from 0 to 256
[  355.367836][T11767] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  355.405593][ T7035] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[  355.421923][T11767] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  355.434531][ T7035] usb 7-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  355.476120][  T158] JFS: metapage_get_blocks failed
[  355.492607][ T7035] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  355.531961][ T7035] usb 7-1: config 220 has no interface number 2
[  355.549006][ T7035] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  355.583136][ T7035] usb 7-1: config 220 interface 0 has no altsetting 0
[  355.592109][ T7035] usb 7-1: config 220 interface 76 has no altsetting 0
[  355.609378][ T7035] usb 7-1: config 220 interface 1 has no altsetting 0
[  355.629858][ T7035] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  355.654233][ T7035] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  355.672861][ T7035] usb 7-1: Product: syz
[  355.694845][ T7035] usb 7-1: Manufacturer: syz
[  355.703000][ T7035] usb 7-1: SerialNumber: syz
[  355.890175][T11775] mkiss: ax0: crc mode is auto.
[  355.911084][T11777] program syz.3.1847 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  355.996801][ T7035] usb 7-1: Found UVC 7.01 device syz (8086:0b07)
[  356.003240][ T7035] usb 7-1: No valid video chain found.
[  356.020026][ T7035] usb 7-1: selecting invalid altsetting 0
[  356.101936][ T7035] usb 7-1: selecting invalid altsetting 0
[  356.112115][ T7035] usbtest: probe of 7-1:220.1 failed with error -22
[  356.125881][T11781] netlink: 72 bytes leftover after parsing attributes in process `syz.7.1856'.
[  356.165119][ T7035] usb 7-1: USB disconnect, device number 12
[  356.184916][T11781] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1856'.
[  356.194612][T11781] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1856'.
[  356.360815][T11783] bond0: (slave bond_slave_0): Releasing backup interface
[  356.443214][T11783] team0: Port device bond_slave_0 added
[  356.465841][T11783] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  357.473422][T11813] loop6: detected capacity change from 0 to 128
[  357.576332][T11813] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  357.627068][T11813] ext4 filesystem being mounted at /307/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  357.659096][    C1] vkms_vblank_simulate: vblank timer overrun
[  357.813302][ T7747] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  358.016467][T11821] mkiss: ax0: crc mode is auto.
[  358.166590][T11821] Falling back ldisc for ttyS3.
[  358.631621][T11838] netlink: 'syz.3.1872': attribute type 3 has an invalid length.
[  358.645041][ T5810] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  358.835457][ T5810] usb 7-1: Using ep0 maxpacket: 32
[  358.885519][ T5810] usb 7-1: config index 0 descriptor too short (expected 45, got 36)
[  358.893711][ T5810] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  358.914963][ T5810] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  358.936354][ T5810] usb 7-1: config 0 interface 0 has no altsetting 0
[  358.943706][ T5810] usb 7-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00
[  358.964983][ T5810] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.979191][ T5810] usb 7-1: config 0 descriptor??
[  359.412384][ T5810] hid-led 0003:1D34:0004.000D: unknown main item tag 0x0
[  359.426132][ T5810] hid-led 0003:1D34:0004.000D: unknown main item tag 0x0
[  359.433395][ T5810] hid-led 0003:1D34:0004.000D: unknown main item tag 0x0
[  359.444997][ T5810] hid-led 0003:1D34:0004.000D: unknown main item tag 0x0
[  359.452182][ T5810] hid-led 0003:1D34:0004.000D: unknown main item tag 0x0
[  359.461792][T11849] bond0: (slave bond_slave_0): Releasing backup interface
[  359.464626][ T5810] hid-led 0003:1D34:0004.000D: unknown main item tag 0x0
[  359.499938][ T5810] hid-led 0003:1D34:0004.000D: unknown main item tag 0x0
[  359.560161][T11849] team0: Port device bond_slave_0 added
[  359.576519][T11849] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  359.639705][ T5810] hid-led 0003:1D34:0004.000D: hidraw0: USB HID v0.00 Device [HID 1d34:0004] on usb-dummy_hcd.6-1/input0
[  359.698763][ T5810] hid-led 0003:1D34:0004.000D: Dream Cheeky Webmail Notifier initialized
[  359.909723][T11861] loop4: detected capacity change from 0 to 64
[  359.991543][T11861] hfs: request for non-existent node 1280 in B*Tree
[  360.007848][ T5810] usb 7-1: USB disconnect, device number 13
[  360.029434][T11861] hfs: request for non-existent node 1280 in B*Tree
[  360.194975][   T11] hfs: request for non-existent node 1280 in B*Tree
[  360.202763][   T11] hfs: request for non-existent node 1280 in B*Tree
[  360.930720][ T5081] Bluetooth: hci3: unexpected event for opcode 0x204e
[  361.727142][T11910] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1903'.
[  362.075390][T11918] netlink: 'syz.6.1907': attribute type 11 has an invalid length.
[  362.083283][T11918] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1907'.
[  362.193192][T11921] loop3: detected capacity change from 0 to 256
[  362.966486][ T5816] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  363.009791][ T5816] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  363.246990][T11943] loop6: detected capacity change from 0 to 164
[  363.358209][T11943] rock: directory entry would overflow storage
[  363.374837][T11943] rock: sig=0x66, size=4, remaining=3
[  363.446543][T11943] rock: directory entry would overflow storage
[  363.454205][T11943] rock: sig=0x66, size=4, remaining=3
[  364.075077][ T5816] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  364.275293][ T5816] usb 7-1: Using ep0 maxpacket: 16
[  364.296912][ T5816] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  364.314856][ T5816] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  364.324663][ T5816] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  364.374853][ T5816] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  364.395628][ T5816] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.417044][ T5816] usb 7-1: config 0 descriptor??
[  364.864712][ T5816] input: HID 045e:07da as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:045E:07DA.000F/input/input23
[  364.927380][ T5816] microsoft 0003:045E:07DA.000F: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.6-1/input0
[  365.083060][ T5816] usb 7-1: USB disconnect, device number 14
[  365.185867][T11967] fido_id[11967]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  365.578175][T11981] autofs4:pid:11981:autofs_fill_super: pipe file descriptor does not contain proper ops
[  366.697926][   T28] audit: type=1326 audit(1772069305.104:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.4.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff07759c629 code=0x7ffc0000
[  366.764819][   T28] audit: type=1326 audit(1772069305.104:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.4.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff07759c629 code=0x7ffc0000
[  366.814237][   T28] audit: type=1326 audit(1772069305.114:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.4.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7ff07759c629 code=0x7ffc0000
[  366.880288][   T28] audit: type=1326 audit(1772069305.114:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.4.1948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff07759c629 code=0x7ffc0000
[  367.572132][T12022] pim6reg0: tun_chr_ioctl cmd 2147767517
[  368.145213][ T5816] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  368.345573][ T5816] usb 7-1: Using ep0 maxpacket: 8
[  368.369030][ T5816] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  368.389166][ T5816] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  368.399898][ T5816] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  368.424491][ T5816] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  368.475379][ T5816] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  368.491141][ T5816] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.723198][ T5816] usb 7-1: GET_CAPABILITIES returned 0
[  368.744876][ T5816] usbtmc 7-1:16.0: can't read capabilities
[  368.964355][   T23] usb 7-1: USB disconnect, device number 15
[  369.812236][T12077] loop6: detected capacity change from 0 to 1024
[  370.112962][T12085] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  370.503390][T12096] program syz.7.1987 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  371.075261][ T5081] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  371.082535][ T5780] Bluetooth: hci4: command 0x1003 tx timeout
[  371.162640][   T28] audit: type=1326 audit(1772069309.564:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12119 comm="syz.7.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18af79c629 code=0x7ffc0000
[  371.204980][   T28] audit: type=1326 audit(1772069309.604:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12119 comm="syz.7.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18af79c629 code=0x7ffc0000
[  371.227308][    C1] vkms_vblank_simulate: vblank timer overrun
[  371.257997][   T28] audit: type=1326 audit(1772069309.644:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12119 comm="syz.7.1998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f18af79c629 code=0x7ffc0000
[  371.326470][   T28] audit: type=1326 audit(1772069309.734:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12119 comm="syz.7.1998" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f18af79c629 code=0x0
[  371.736861][T12135] input: syz0 as /devices/virtual/input/input26
[  371.874057][T12139] netlink: 'syz.7.2004': attribute type 2 has an invalid length.
[  372.730535][T12141] loop3: detected capacity change from 0 to 32768
[  372.782518][T12141] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  372.859827][T12141] XFS (loop3): Ending clean mount
[  372.865684][T12143] loop6: detected capacity change from 0 to 40427
[  372.884962][T12143] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x7ffff
[  372.902166][T12143] F2FS-fs (loop6): Image doesn't support compression
[  372.913603][T12143] F2FS-fs (loop6): Image doesn't support compression
[  372.925797][T12143] F2FS-fs (loop6): invalid crc value
[  372.945492][T12143] F2FS-fs (loop6): Found nat_bits in checkpoint
[  373.061429][T12143] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  373.093845][ T8413] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  373.186666][   T28] audit: type=1800 audit(1772069311.594:48): pid=12143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2006" name="file1" dev="loop6" ino=10 res=0 errno=0
[  373.207183][    C1] vkms_vblank_simulate: vblank timer overrun
[  373.328918][ T7747] syz-executor: attempt to access beyond end of device
[  373.328918][ T7747] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  373.346564][ T7747] F2FS-fs (loop6): Remounting filesystem read-only
[  373.896491][T12177] loop6: detected capacity change from 0 to 2048
[  373.953019][T12177] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  374.068171][T12173] loop4: detected capacity change from 0 to 32768
[  374.112563][T12179] UDF-fs: bad mount option "#! 
[  374.112563][T12179] s" or missing value
[  374.125138][T12173] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  374.234313][T12173] XFS (loop4): Ending clean mount
[  374.308947][T12173] XFS (loop4): Quotacheck needed: Please wait.
[  374.536394][T12173] XFS (loop4): Quotacheck: Done.
[  374.636483][ T6488] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  375.685074][   T23] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  375.795266][ T5780] Bluetooth: hci2: command 0x0406 tx timeout
[  375.811236][T12216] IPVS: wlc: FWM 3 0x00000003 - no destination available
[  375.832327][T12203] loop4: detected capacity change from 0 to 32768
[  375.846006][ T5813] IPVS: starting estimator thread 0...
[  375.870931][T12203] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  375.909799][T12203] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  375.917096][   T23] usb 4-1: Using ep0 maxpacket: 32
[  375.933859][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  375.945931][T12217] IPVS: using max 17 ests per chain, 40800 per kthread
[  375.970560][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  375.983101][   T23] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  376.020398][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  376.048907][   T23] usb 4-1: config 0 descriptor??
[  376.120271][T12203] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  376.352255][T12225] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  376.372905][T12203] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  376.553102][   T23] savu 0003:1E7D:2D5A.0010: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[  376.667296][T12231] netlink: 100 bytes leftover after parsing attributes in process `syz.7.2037'.
[  376.984114][   T23] usb 4-1: USB disconnect, device number 18
[  377.884745][    C0] sched: RT throttling activated
[  378.787470][T12263] loop3: detected capacity change from 0 to 512
[  378.801072][T12263] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  378.823726][T12263] EXT4-fs (loop3): invalid journal inode
[  378.843265][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  378.849793][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  378.884107][T12263] EXT4-fs (loop3): can't get journal size
[  378.945622][T12263] EXT4-fs (loop3): 1 truncate cleaned up
[  378.952648][T12263] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  378.993019][T12268] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2054'.
[  379.173733][ T8413] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.348106][T12275] loop3: detected capacity change from 0 to 512
[  379.383568][T12275] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.2057: inode has both inline data and extents flags
[  379.418732][T12275] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.2057: couldn't read orphan inode 15 (err -117)
[  379.467111][T12253] loop4: detected capacity change from 0 to 40427
[  379.495177][T12275] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.507475][T12253] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[  379.514141][T12253] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  379.536609][T12253] F2FS-fs (loop4): Found nat_bits in checkpoint
[  379.642363][T12253] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  379.668293][T12253] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  379.689261][ T8413] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.960491][ T6488] syz-executor: attempt to access beyond end of device
[  379.960491][ T6488] loop4: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  380.004984][ T6488] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  380.025198][ T6488] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  380.036091][ T6488] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  380.160090][T12288] loop3: detected capacity change from 0 to 512
[  380.231471][T12288] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.284556][T12292] netlink: 84 bytes leftover after parsing attributes in process `syz.7.2064'.
[  380.294136][T12288] ext4 filesystem being mounted at /306/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  380.421907][T12288] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.2061: iget: bad i_size value: 2533274857506816
[  380.458331][T12278] loop6: detected capacity change from 0 to 32768
[  380.487341][T12293] EXT4-fs warning (device loop3): ext4_resize_begin:84: There are errors in the filesystem, so online resizing is not allowed
[  380.544266][T12278] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  380.671813][ T8413] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.693072][T12278] XFS (loop6): Ending clean mount
[  380.786286][T12278] XFS (loop6): Quotacheck needed: Please wait.
[  380.945241][T12278] XFS (loop6): Quotacheck: Done.
[  381.295711][ T7747] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  381.767350][   T23] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  381.964818][   T23] usb 5-1: Using ep0 maxpacket: 16
[  381.972533][   T23] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  382.020069][   T23] usb 5-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  382.042206][   T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.055075][T12330] netlink: 'syz.6.2077': attribute type 1 has an invalid length.
[  382.063012][T12330] nbd: error processing sock list
[  382.064847][   T23] usb 5-1: Product: syz
[  382.082574][T12330] block nbd1: shutting down sockets
[  382.088557][   T23] usb 5-1: Manufacturer: syz
[  382.093258][   T23] usb 5-1: SerialNumber: syz
[  382.110855][   T23] usb 5-1: config 0 descriptor??
[  382.127226][   T23] hub 5-1:0.0: bad descriptor, ignoring hub
[  382.133326][   T23] hub: probe of 5-1:0.0 failed with error -5
[  382.169853][   T23] usb 5-1: Quirk or no altest; falling back to MIDI 1.0
[  382.538407][   T23] usb 5-1: USB disconnect, device number 13
[  382.719899][T12328] loop3: detected capacity change from 0 to 32768
[  382.741800][T12328] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.2076 (12328)
[  382.795993][T12328] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  382.814477][T12328] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  382.829696][T12328] BTRFS info (device loop3): using free space tree
[  382.973796][T12328] BTRFS info (device loop3): enabling ssd optimizations
[  383.004956][T12328] BTRFS info (device loop3): auto enabling async discard
[  383.660635][ T8413] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  383.923819][ T5816] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  384.120579][ T5816] usb 5-1: config 0 interface 0 has no altsetting 0
[  384.168521][ T5816] usb 5-1: New USB device found, idVendor=054c, idProduct=09cc, bcdDevice= 0.00
[  384.198190][ T5816] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.254494][ T5816] usb 5-1: config 0 descriptor??
[  384.347504][T12378] option changes via remount are deprecated (pid=12377 comm=syz.3.2087)
[  384.594971][ T5780] Bluetooth: hci4: command 0x1003 tx timeout
[  384.604523][ T5081] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  384.719768][ T5816] playstation 0003:054C:09CC.0011: hidraw0: USB HID v0.00 Device [HID 054c:09cc] on usb-dummy_hcd.4-1/input0
[  384.892124][T12387] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2090'.
[  384.911475][ T5816] playstation 0003:054C:09CC.0011: Invalid byte count transferred, expected 16 got 0
[  384.952466][ T5816] playstation 0003:054C:09CC.0011: Failed to retrieve DualShock4 pairing info: -22
[  384.999998][ T5816] playstation 0003:054C:09CC.0011: Failed to get MAC address from DualShock4
[  385.054890][ T5816] playstation 0003:054C:09CC.0011: Failed to create dualshock4.
[  385.076102][ T5816] playstation: probe of 0003:054C:09CC.0011 failed with error -22
[  385.120052][T12389] loop3: detected capacity change from 0 to 2048
[  385.175746][T12389] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=3932051, location=3932051
[  385.195439][   T27] usb 5-1: USB disconnect, device number 14
[  385.313626][T12389] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  385.415651][   T28] audit: type=1326 audit(1772069323.814:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12393 comm="syz.7.2093" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f18af79c629 code=0x0
[  385.936929][T12413] loop4: detected capacity change from 0 to 16
[  385.994848][T12413] erofs: (device loop4): mounted with root inode @ nid 36.
[  386.505086][T12422] loop6: detected capacity change from 0 to 128
[  386.568995][T12422] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  386.582862][T12422] ext4 filesystem being mounted at /370/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  386.605668][T12422] EXT4-fs warning (device loop6): verify_group_input:151: Cannot add at group 26915 (only 1 groups)
[  386.686403][ T7747] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  386.808887][T12414] loop3: detected capacity change from 0 to 32768
[  386.834350][T12428] loop4: detected capacity change from 0 to 256
[  386.883369][T12428] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[  386.932292][T12414] JBD2: Ignoring recovery information on journal
[  387.081314][T12414] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  388.124003][ T8413] ocfs2: Unmounting device (7,3) on (node local)
[  388.149908][   T27] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  388.376325][   T27] usb 7-1: Using ep0 maxpacket: 32
[  388.415208][   T27] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  388.458593][   T27] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  388.505272][   T27] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  388.563624][   T27] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.590613][   T27] usb 7-1: config 0 descriptor??
[  389.050676][   T27] savu 0003:1E7D:2D5A.0012: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.6-1/input0
[  389.183359][T12470] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2125'.
[  389.401564][    T9] usb 7-1: USB disconnect, device number 16
[  390.309246][T12488] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2132'.
[  390.572664][T12476] loop3: detected capacity change from 0 to 131072
[  390.584382][T12476] F2FS-fs (loop3): Segment count (31) mismatch with total segments from devices (0)
[  390.594213][T12476] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  390.628094][T12476] F2FS-fs (loop3): invalid crc value
[  390.652058][T12476] F2FS-fs (loop3): Found nat_bits in checkpoint
[  390.718313][T12476] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  390.725511][T12476] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  392.135434][T12516] program syz.6.2144 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  393.069417][T12541] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2156'.
[  393.305028][ T7035] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  393.367633][T12550] loop6: detected capacity change from 0 to 256
[  393.402627][T12550] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  393.526668][ T7035] usb 4-1: Using ep0 maxpacket: 16
[  393.537249][ T7035] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  393.588478][ T7035] usb 4-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  393.616204][ T7035] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  393.659201][ T7035] usb 4-1: config 0 descriptor??
[  393.705625][T12556] loop4: detected capacity change from 0 to 256
[  393.887404][T12556] FAT-fs (loop4): Directory bread(block 64) failed
[  393.909323][T12556] FAT-fs (loop4): Directory bread(block 65) failed
[  393.935000][T12556] FAT-fs (loop4): Directory bread(block 66) failed
[  393.941663][T12556] FAT-fs (loop4): Directory bread(block 67) failed
[  393.975162][T12556] FAT-fs (loop4): Directory bread(block 68) failed
[  394.002151][T12556] FAT-fs (loop4): Directory bread(block 69) failed
[  394.029377][T12556] FAT-fs (loop4): Directory bread(block 70) failed
[  394.040101][T12556] FAT-fs (loop4): Directory bread(block 71) failed
[  394.055045][T12556] FAT-fs (loop4): Directory bread(block 72) failed
[  394.064259][T12556] FAT-fs (loop4): Directory bread(block 73) failed
[  394.076189][ T7035] creative-sb0540 0003:041E:3100.0013: unknown main item tag 0x0
[  394.105081][ T7035] creative-sb0540 0003:041E:3100.0013: unknown main item tag 0x0
[  394.112919][ T7035] creative-sb0540 0003:041E:3100.0013: collection stack underflow
[  394.154835][ T7035] creative-sb0540 0003:041E:3100.0013: item 0 0 0 12 parsing failed
[  394.184125][ T7035] creative-sb0540 0003:041E:3100.0013: parse failed
[  394.209226][ T7035] creative-sb0540: probe of 0003:041E:3100.0013 failed with error -22
[  394.249829][T12560] loop6: detected capacity change from 0 to 4096
[  394.281321][ T7035] usb 4-1: USB disconnect, device number 19
[  394.358689][T12560] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  394.416142][T12560] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  394.537573][ T7747] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  395.072512][T12575] loop4: detected capacity change from 0 to 256
[  395.129215][T12575] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  395.174999][T12575] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  395.188668][T12575] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xaa2dc89a, utbl_chksum : 0xe619d30d)
[  395.297999][T12577] loop6: detected capacity change from 0 to 1024
[  395.345581][T12577] EXT4-fs: Ignoring removed orlov option
[  395.466075][T12577] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  395.560029][T12581] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2174'.
[  395.968048][ T7747] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  396.412449][T12608] ALSA: mixer_oss: invalid OSS volume ''
[  396.854260][T12622] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  396.861632][T12622] IPv6: NLM_F_CREATE should be set when creating new route
[  396.869015][T12622] IPv6: NLM_F_CREATE should be set when creating new route
[  396.876337][T12622] IPv6: NLM_F_CREATE should be set when creating new route
[  396.893020][T12622] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  397.158129][T12635] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2197'.
[  397.710240][T12637] loop4: detected capacity change from 0 to 32768
[  397.730879][T12637] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 10
[  397.906299][ T5775] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 10
[  398.277063][T12654] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2207'.
[  398.693925][ T5780] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  398.715152][ T5810] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  398.715201][ T5780] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  398.738471][ T5780] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  398.748042][ T5780] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  398.757297][ T5780] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  398.778286][ T5780] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  398.846797][T12666] loop6: detected capacity change from 0 to 4096
[  398.889485][T12666] ntfs: volume version 3.1.
[  398.907705][ T5810] usb 5-1: config 1 interface 0 altsetting 93 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  398.955603][ T5810] usb 5-1: config 1 interface 0 has no altsetting 0
[  398.984923][ T5810] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  398.994026][ T5810] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  399.021973][ T5810] usb 5-1: SerialNumber: syz
[  399.200588][T12663] chnl_net:caif_netlink_parms(): no params data found
[  399.377403][T12663] bridge0: port 1(bridge_slave_0) entered blocking state
[  399.385369][T12663] bridge0: port 1(bridge_slave_0) entered disabled state
[  399.393207][T12663] bridge_slave_0: entered allmulticast mode
[  399.403887][T12663] bridge_slave_0: entered promiscuous mode
[  399.415640][T12663] bridge0: port 2(bridge_slave_1) entered blocking state
[  399.425050][T12663] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.432382][T12663] bridge_slave_1: entered allmulticast mode
[  399.440317][T12663] bridge_slave_1: entered promiscuous mode
[  399.479310][T12663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  399.492845][T12663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  399.524893][   T23] usb 7-1: new full-speed USB device number 17 using dummy_hcd
[  399.552974][T12663] team0: Port device team_slave_0 added
[  399.562619][T12663] team0: Port device team_slave_1 added
[  399.595758][T12663] batman_adv: batadv0: Adding interface: batadv_slave_0
[  399.603036][T12663] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  399.629003][    C1] vkms_vblank_simulate: vblank timer overrun
[  399.645125][T12663] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  399.663101][T12663] batman_adv: batadv0: Adding interface: batadv_slave_1
[  399.670458][T12663] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  399.696370][    C1] vkms_vblank_simulate: vblank timer overrun
[  399.704824][T12663] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  399.742063][ T5810] cdc_ether 5-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.4-1, CDC Ethernet Device, 42:42:42:42:42:42
[  399.768550][   T23] usb 7-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  399.805189][   T23] usb 7-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  399.831258][   T23] usb 7-1: config 0 interface 0 has no altsetting 0
[  399.844970][   T23] usb 7-1: New USB device found, idVendor=047f, idProduct=c055, bcdDevice= 0.00
[  399.854074][   T23] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.866352][T12663] hsr_slave_0: entered promiscuous mode
[  399.874114][T12663] hsr_slave_1: entered promiscuous mode
[  399.881945][T12663] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  399.892374][   T23] usb 7-1: config 0 descriptor??
[  399.897445][T12663] Cannot create hsr debugfs directory
[  399.904157][T12672] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  400.012917][   T27] usb 5-1: USB disconnect, device number 15
[  400.022496][   T27] cdc_ether 5-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.4-1, CDC Ethernet Device
[  400.197666][   T23] usbhid 7-1:0.0: can't add hid device: -71
[  400.217124][   T23] usbhid: probe of 7-1:0.0 failed with error -71
[  400.255467][   T23] usb 7-1: USB disconnect, device number 17
[  400.564588][T12663] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.797052][T12663] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.835874][ T5780] Bluetooth: hci2: command tx timeout
[  400.972287][T12663] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.152533][T12698] loop4: detected capacity change from 0 to 2048
[  401.199712][T12698] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  401.225363][T12698] NILFS (loop4): mounting unchecked fs
[  401.239433][T12663] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.269547][T12698] NILFS (loop4): recovery complete
[  401.326165][T12701] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  401.829306][   T28] audit: type=1326 audit(1772069340.234:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12713 comm="syz.7.2221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18af79c629 code=0x7ffc0000
[  401.949300][   T28] audit: type=1326 audit(1772069340.234:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12713 comm="syz.7.2221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18af79c629 code=0x7ffc0000
[  401.970713][T12663] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  402.054157][   T28] audit: type=1326 audit(1772069340.264:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12713 comm="syz.7.2221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f18af79c629 code=0x7ffc0000
[  402.076515][    C1] vkms_vblank_simulate: vblank timer overrun
[  402.081516][T12663] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  402.139734][   T28] audit: type=1326 audit(1772069340.264:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12713 comm="syz.7.2221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18af79c629 code=0x7ffc0000
[  402.170553][T12663] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  402.213620][   T28] audit: type=1326 audit(1772069340.264:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12713 comm="syz.7.2221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f18af79c629 code=0x7ffc0000
[  402.241219][T12663] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  402.340336][   T28] audit: type=1326 audit(1772069340.264:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12713 comm="syz.7.2221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18af79c629 code=0x7ffc0000
[  402.473113][T12731] netlink: 56 bytes leftover after parsing attributes in process `syz.6.2226'.
[  402.510534][T12731] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2226'.
[  402.625214][    T9] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  402.678486][T12663] 8021q: adding VLAN 0 to HW filter on device bond0
[  402.738460][T12663] 8021q: adding VLAN 0 to HW filter on device team0
[  402.799556][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  402.806820][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  402.828229][    T9] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  402.846051][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  402.875458][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.882773][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  402.883303][    T9] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  402.916237][ T5780] Bluetooth: hci2: command tx timeout
[  402.966741][    T9] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  403.012383][    T9] usb 5-1: Manufacturer: syz
[  403.040150][    T9] usb 5-1: config 0 descriptor??
[  403.082848][T12741] loop6: detected capacity change from 0 to 1764
[  403.295257][    T9] rc_core: IR keymap rc-hauppauge not found
[  403.301335][    T9] Registered IR keymap rc-empty
[  403.320213][    T9] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  403.342512][    T9] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input27
[  403.591059][T12748] rc rc0: two consecutive events of type space
[  403.705331][T12663] 8021q: adding VLAN 0 to HW filter on device batadv0
[  403.802988][ T7035] usb 5-1: USB disconnect, device number 16
[  403.827953][T12663] veth0_vlan: entered promiscuous mode
[  403.872041][T12663] veth1_vlan: entered promiscuous mode
[  404.008881][T12663] veth0_macvtap: entered promiscuous mode
[  404.016580][T12758] netlink: 76 bytes leftover after parsing attributes in process `syz.6.2234'.
[  404.030968][T12663] veth1_macvtap: entered promiscuous mode
[  404.073629][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.095280][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.122890][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.155956][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.194854][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.220873][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.239502][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.250998][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.266378][T12663] batman_adv: batadv0: Interface activated: batadv_slave_0
[  404.291350][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.303105][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.314366][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.336291][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.356137][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.394830][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.412833][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.431511][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.448288][T12663] batman_adv: batadv0: Interface activated: batadv_slave_1
[  404.487082][T12663] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  404.522362][T12663] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  404.545192][T12663] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  404.553973][T12663] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  404.657817][T12768] netlink: 'syz.4.2238': attribute type 4 has an invalid length.
[  404.829110][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  404.855814][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  404.934162][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  404.951043][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  404.995355][ T5780] Bluetooth: hci2: command tx timeout
[  405.075922][   T27] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  405.265014][   T27] usb 7-1: Using ep0 maxpacket: 16
[  405.295341][   T27] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  405.314342][   T27] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  405.331284][   T27] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.350810][   T27] usb 7-1: config 0 descriptor??
[  405.533235][T12787] loop3: detected capacity change from 0 to 1024
[  405.753531][   T49] hfsplus: b-tree write err: -5, ino 3
[  405.791769][   T27] mcp2221 0003:04D8:00DD.0014: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0
[  406.190141][ T5813] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  406.272511][   T27] usb 7-1: USB disconnect, device number 18
[  406.395051][ T5813] usb 4-1: Using ep0 maxpacket: 32
[  406.405422][ T5813] usb 4-1: config index 0 descriptor too short (expected 156, got 27)
[  406.414014][ T5813] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  406.425866][ T5813] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  406.438322][ T5813] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  406.452102][ T5813] usb 4-1: config 0 interface 0 has no altsetting 0
[  406.463451][ T5813] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  406.473353][ T5813] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  406.482459][ T5813] usb 4-1: Product: syz
[  406.487344][ T5813] usb 4-1: Manufacturer: syz
[  406.492084][ T5813] usb 4-1: SerialNumber: syz
[  406.501925][ T5813] usb 4-1: config 0 descriptor??
[  406.514293][ T5813] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  406.529804][ T5813] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  406.746131][ T5813] usb 4-1: USB disconnect, device number 20
[  406.752140][    C1] ldusb 4-1:0.0: usb_submit_urb failed (-19)
[  406.770651][ T5813] ldusb 4-1:0.0: LD USB Device #0 now disconnected
[  406.948901][T12793] ldusb: No device or device unplugged -19
[  407.076771][ T5780] Bluetooth: hci2: command tx timeout
[  407.428988][T12813] loop4: detected capacity change from 0 to 4096
[  407.562364][T12813] ntfs: volume version 3.1.
[  408.190144][T12830] loop3: detected capacity change from 0 to 4096
[  408.207043][T12830] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  408.844830][ T5835] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  409.018545][T12853] loop3: detected capacity change from 0 to 512
[  409.054255][T12853] EXT4-fs: Ignoring removed nomblk_io_submit option
[  409.057063][ T5835] usb 5-1: Using ep0 maxpacket: 32
[  409.082012][ T5835] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  409.098798][T12853] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  409.101253][ T5835] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  409.136240][T12853] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e802e02c, mo2=0002]
[  409.144354][T12853] System zones: 1-12
[  409.164148][ T5835] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  409.174460][T12853] EXT4-fs (loop3): orphan cleanup on readonly fs
[  409.198897][T12853] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz.3.2275: attempt to clear invalid blocks 1024 len 1
[  409.218048][T12853] EXT4-fs (loop3): Remounting filesystem read-only
[  409.228229][ T5835] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  409.231309][T12853] EXT4-fs (loop3): 1 truncate cleaned up
[  409.250278][T12853] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  409.296337][ T5835] usb 5-1: config 0 interface 0 has no altsetting 0
[  409.339608][ T5835] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  409.354581][ T5835] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  409.377177][T12663] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  409.396349][ T5835] usb 5-1: Product: syz
[  409.404069][ T5835] usb 5-1: Manufacturer: syz
[  409.417907][ T5835] usb 5-1: SerialNumber: syz
[  409.437453][ T5835] usb 5-1: config 0 descriptor??
[  409.468000][ T5835] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  409.504485][ T5835] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  409.750608][    C0] ldusb 5-1:0.0: usb_submit_urb failed (-19)
[  409.757750][ T5816] usb 5-1: USB disconnect, device number 17
[  409.795831][ T5816] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  409.911990][T12848] loop6: detected capacity change from 0 to 32768
[  409.943444][T12848] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  409.956046][T12842] ldusb: No device or device unplugged -19
[  410.000907][T12848] XFS (loop6): Ending clean mount
[  410.017867][T12848] XFS (loop6): Quotacheck needed: Please wait.
[  410.117388][T12848] XFS (loop6): Quotacheck: Done.
[  410.289689][ T7747] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  411.254921][ T5816] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  411.274782][    T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!!
[  411.305097][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  411.313428][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  411.376877][T12893] loop6: detected capacity change from 0 to 512
[  411.446304][T12893] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c01c, mo2=0002]
[  411.454435][T12893] System zones: 0-2, 18-18, 34-35
[  411.485034][ T5816] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  411.497993][T12893] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  411.524986][ T5816] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.533884][T12893] ext4 filesystem being mounted at /424/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  411.559308][ T5816] usb 4-1: config 0 descriptor??
[  411.597314][ T5816] gspca_main: cpia1-2.14.0 probing 0813:0001
[  411.809644][ T7747] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.855413][T12902] loop4: detected capacity change from 0 to 256
[  411.923400][T12904] loop5: detected capacity change from 0 to 7
[  411.935285][T12904] Dev loop5: unable to read RDB block 7
[  411.940990][T12904]  loop5: AHDI p1
[  411.957646][T12904] loop5: partition table partially beyond EOD, truncated
[  411.978526][T12902] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  411.992839][ T5816] cpia1 4-1:0.0: unexpected state after lo power cmd: 00
[  412.247582][T12908] loop6: detected capacity change from 0 to 512
[  412.286560][T12908] EXT4-fs: Ignoring removed nobh option
[  412.331385][T12908] EXT4-fs error (device loop6): ext4_orphan_get:1398: inode #15: comm syz.6.2291: iget: bad i_size value: 38620345925642
[  412.345144][T12908] EXT4-fs error (device loop6): ext4_orphan_get:1403: comm syz.6.2291: couldn't read orphan inode 15 (err -117)
[  412.361729][T12908] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.396616][ T5816] gspca_cpia1: usb_control_msg 02, error -71
[  412.445266][ T5816] gspca_cpia1: usb_control_msg 05, error -71
[  412.483240][ T5816] cpia1 4-1:0.0: unexpected systemstate: 00
[  412.490912][ T7747] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.503583][ T5816] usb 4-1: USB disconnect, device number 21
[  412.622450][T12913] netlink: 'syz.6.2293': attribute type 11 has an invalid length.
[  412.632864][T12913] netlink: 184116 bytes leftover after parsing attributes in process `syz.6.2293'.
[  413.135704][T12926] loop3: detected capacity change from 0 to 1024
[  413.270276][T12930] bridge1: entered promiscuous mode
[  413.334608][   T11] hfsplus: b-tree write err: -5, ino 4
[  413.499721][   T28] audit: type=1326 audit(1772069351.904:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12932 comm="syz.7.2303" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f18af79c629 code=0x0
[  413.521502][    C1] vkms_vblank_simulate: vblank timer overrun
[  413.940183][T12952] loop3: detected capacity change from 0 to 512
[  413.960321][T12952] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  414.003937][T12952] EXT4-fs (loop3): 1 orphan inode deleted
[  414.023069][T12952] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  414.227553][T12663] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.666729][ T5813] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  414.877311][ T5813] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  414.908769][ T5813] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  414.928228][ T5813] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  414.954769][ T5813] usb 4-1: config 0 interface 0 has no altsetting 0
[  414.984779][ T5813] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  414.994035][ T5813] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  415.033542][ T5813] usb 4-1: config 0 interface 0 has no altsetting 0
[  415.059947][ T5813] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  415.079374][ T5813] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  415.111508][ T5813] usb 4-1: config 0 interface 0 has no altsetting 0
[  415.133987][ T5813] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  415.162000][ T5813] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  415.193811][ T5813] usb 4-1: config 0 interface 0 has no altsetting 0
[  415.203003][ T5813] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  415.228177][ T5813] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  415.270561][ T5813] usb 4-1: config 0 interface 0 has no altsetting 0
[  415.292512][ T5813] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  415.311732][ T5813] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  415.334369][ T5813] usb 4-1: config 0 interface 0 has no altsetting 0
[  415.356507][ T5813] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  415.366424][ T5813] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  415.395324][ T5813] usb 4-1: config 0 interface 0 has no altsetting 0
[  415.413659][ T5813] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  415.443695][ T5813] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  415.468820][ T5813] usb 4-1: config 0 interface 0 has no altsetting 0
[  415.497548][ T5813] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  415.506906][ T5813] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  415.544949][ T5813] usb 4-1: Product: syz
[  415.551309][ T5813] usb 4-1: Manufacturer: syz
[  415.574902][ T5813] usb 4-1: SerialNumber: syz
[  415.592625][ T5813] usb 4-1: config 0 descriptor??
[  415.621711][ T5813] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  415.700124][T12973] loop4: detected capacity change from 0 to 32768
[  415.812910][T12973] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  415.944620][ T5813] usb 4-1: USB disconnect, device number 22
[  416.009550][ T5813] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  416.034996][T12973] XFS (loop4): Ending clean mount
[  416.067863][T12973] XFS (loop4): Quotacheck needed: Please wait.
[  416.193586][T12973] XFS (loop4): Quotacheck: Done.
[  416.278973][T13002] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2328'.
[  416.355484][ T6488] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  416.447796][T13004] loop6: detected capacity change from 0 to 1024
[  416.479919][T13004] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  416.602451][T13004] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  416.694551][T13004] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  416.856762][ T7747] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  417.049908][T13014] loop4: detected capacity change from 0 to 256
[  417.059806][T13015] netlink: 'syz.7.2332': attribute type 11 has an invalid length.
[  417.091040][T13015] netlink: 184116 bytes leftover after parsing attributes in process `syz.7.2332'.
[  417.103086][T13014] exfat: Deprecated parameter 'utf8'
[  417.139272][T13014] exfat: Deprecated parameter 'namecase'
[  417.155524][T13014] exfat: Deprecated parameter 'namecase'
[  417.181541][T13014] exfat: Deprecated parameter 'utf8'
[  417.185917][T13015] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  417.265391][T13014] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x6a70c931, utbl_chksum : 0xe619d30d)
[  418.059265][T13032] loop3: detected capacity change from 0 to 4096
[  418.078921][T13032] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  418.157625][T13032] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  418.718732][T13052] loop6: detected capacity change from 0 to 2048
[  418.763824][T13052] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  420.115420][   T56] wlan1: Trigger new scan to find an IBSS to join
[  420.186470][   T33] ------------[ cut here ]------------
[  420.192959][   T33] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0xffffffff with flags 0x40
[  420.204535][   T33] WARNING: CPU: 0 PID: 33 at net/mac80211/rate.c:385 __rate_control_send_low+0x635/0x880
[  420.214542][   T33] Modules linked in:
[  420.218543][   T33] CPU: 0 PID: 33 Comm: kworker/u4:2 Not tainted syzkaller #0
[  420.226017][   T33] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  420.236185][   T33] Workqueue: events_unbound cfg80211_wiphy_work
[  420.242514][   T33] RIP: 0010:__rate_control_send_low+0x635/0x880
[  420.248889][   T33] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 00 d1 de 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 9b 7d 56 f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff
[  420.268599][   T33] RSP: 0018:ffffc90000a9f380 EFLAGS: 00010246
[  420.274821][   T33] RAX: dea4dd4b05bde500 RBX: 000000000000000c RCX: ffff888018ab8000
[  420.282852][   T33] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  420.290915][   T33] RBP: 0000000000000084 R08: ffffc90000a9ef87 R09: 1ffff92000153df0
[  420.299001][   T33] R10: dffffc0000000000 R11: fffff52000153df1 R12: 0000000000000040
[  420.307070][   T33] R13: dffffc0000000000 R14: ffff888067873358 R15: ffff888067dde7a8
[  420.315162][   T33] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  420.324178][   T33] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  420.330856][   T33] CR2: 00007f18af84e9d3 CR3: 00000000771ab000 CR4: 00000000003506f0
[  420.338926][   T33] Call Trace:
[  420.342275][   T33]  <TASK>
[  420.345333][   T33]  rate_control_send_low+0x194/0x790
[  420.350701][   T33]  rate_control_get_rate+0x20b/0x5d0
[  420.356112][   T33]  ieee80211_tx_h_rate_ctrl+0xb63/0x1790
[  420.361825][   T33]  ? ieee80211_tx_h_select_key+0x19e0/0x19e0
[  420.367924][   T33]  ? __lock_acquire+0x1273/0x7d40
[  420.373017][   T33]  ? ieee80211_is_bufferable_mmpdu+0xfb/0x1f0
[  420.379241][   T33]  invoke_tx_handlers_late+0xb6/0x1810
[  420.384818][   T33]  ? invoke_tx_handlers_early+0xa11/0x1cf0
[  420.390701][   T33]  ieee80211_tx+0x2d8/0x460
[  420.395353][   T33]  ? ieee80211_skb_resize+0x630/0x630
[  420.400815][   T33]  ? ieee80211_set_qos_hdr+0x1ca/0x510
[  420.406396][   T33]  ? __bpf_trace_tasklet+0x160/0x160
[  420.411728][   T33]  ? ieee80211_xmit+0x310/0x3f0
[  420.416694][   T33]  ? __ieee80211_tx_skb_tid_band+0x490/0x610
[  420.422728][   T33]  __ieee80211_tx_skb_tid_band+0x4d5/0x610
[  420.428662][   T33]  ? ieee80211_scan_state_send_probe+0x4b4/0x930
[  420.435113][   T33]  ieee80211_scan_state_send_probe+0x560/0x930
[  420.441332][   T33]  ieee80211_scan_work+0x4e9/0x1c40
[  420.446310][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  420.446793][   T33]  cfg80211_wiphy_work+0x225/0x260
[  420.459896][   T33]  ? process_scheduled_works+0x96f/0x15d0
[  420.465664][   T33]  process_scheduled_works+0xa5d/0x15d0
[  420.471253][   T33]  ? assign_work+0x430/0x430
[  420.475899][   T33]  ? assign_work+0x3d0/0x430
[  420.480541][   T33]  worker_thread+0xa55/0xfc0
[  420.485271][   T33]  kthread+0x2fa/0x390
[  420.489388][   T33]  ? pr_cont_work+0x560/0x560
[  420.494216][   T33]  ? kthread_blkcg+0xd0/0xd0
[  420.498902][   T33]  ret_from_fork+0x48/0x80
[  420.503365][   T33]  ? kthread_blkcg+0xd0/0xd0
[  420.508003][   T33]  ret_from_fork_asm+0x11/0x20
[  420.512793][   T33]  </TASK>
[  420.515878][   T33] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  420.523196][   T33] CPU: 0 PID: 33 Comm: kworker/u4:2 Not tainted syzkaller #0
[  420.530573][   T33] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  420.540638][   T33] Workqueue: events_unbound cfg80211_wiphy_work
[  420.546913][   T33] Call Trace:
[  420.550244][   T33]  <TASK>
[  420.553182][   T33]  dump_stack_lvl+0x18c/0x250
[  420.557888][   T33]  ? show_regs_print_info+0x20/0x20
[  420.563101][   T33]  ? load_image+0x400/0x400
[  420.567714][   T33]  panic+0x2dc/0x730
[  420.571623][   T33]  ? bpf_jit_dump+0xd0/0xd0
[  420.576141][   T33]  ? ret_from_fork_asm+0x11/0x20
[  420.581106][   T33]  __warn+0x2e0/0x470
[  420.585095][   T33]  ? __rate_control_send_low+0x635/0x880
[  420.590745][   T33]  ? __rate_control_send_low+0x635/0x880
[  420.596402][   T33]  report_bug+0x2be/0x4f0
[  420.600748][   T33]  ? __rate_control_send_low+0x635/0x880
[  420.606392][   T33]  ? __rate_control_send_low+0x635/0x880
[  420.612033][   T33]  ? __rate_control_send_low+0x637/0x880
[  420.617673][   T33]  handle_bug+0xcf/0x120
[  420.621932][   T33]  exc_invalid_op+0x1a/0x50
[  420.626462][   T33]  asm_exc_invalid_op+0x1a/0x20
[  420.631377][   T33] RIP: 0010:__rate_control_send_low+0x635/0x880
[  420.637633][   T33] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 00 d1 de 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 9b 7d 56 f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff
[  420.657258][   T33] RSP: 0018:ffffc90000a9f380 EFLAGS: 00010246
[  420.663349][   T33] RAX: dea4dd4b05bde500 RBX: 000000000000000c RCX: ffff888018ab8000
[  420.671334][   T33] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  420.679312][   T33] RBP: 0000000000000084 R08: ffffc90000a9ef87 R09: 1ffff92000153df0
[  420.687293][   T33] R10: dffffc0000000000 R11: fffff52000153df1 R12: 0000000000000040
[  420.695298][   T33] R13: dffffc0000000000 R14: ffff888067873358 R15: ffff888067dde7a8
[  420.703307][   T33]  rate_control_send_low+0x194/0x790
[  420.708661][   T33]  rate_control_get_rate+0x20b/0x5d0
[  420.713963][   T33]  ieee80211_tx_h_rate_ctrl+0xb63/0x1790
[  420.719633][   T33]  ? ieee80211_tx_h_select_key+0x19e0/0x19e0
[  420.725630][   T33]  ? __lock_acquire+0x1273/0x7d40
[  420.730672][   T33]  ? ieee80211_is_bufferable_mmpdu+0xfb/0x1f0
[  420.736778][   T33]  invoke_tx_handlers_late+0xb6/0x1810
[  420.742256][   T33]  ? invoke_tx_handlers_early+0xa11/0x1cf0
[  420.748095][   T33]  ieee80211_tx+0x2d8/0x460
[  420.752608][   T33]  ? ieee80211_skb_resize+0x630/0x630
[  420.757997][   T33]  ? ieee80211_set_qos_hdr+0x1ca/0x510
[  420.763474][   T33]  ? __bpf_trace_tasklet+0x160/0x160
[  420.768769][   T33]  ? ieee80211_xmit+0x310/0x3f0
[  420.773638][   T33]  ? __ieee80211_tx_skb_tid_band+0x490/0x610
[  420.779655][   T33]  __ieee80211_tx_skb_tid_band+0x4d5/0x610
[  420.785485][   T33]  ? ieee80211_scan_state_send_probe+0x4b4/0x930
[  420.791830][   T33]  ieee80211_scan_state_send_probe+0x560/0x930
[  420.798017][   T33]  ieee80211_scan_work+0x4e9/0x1c40
[  420.803257][   T33]  cfg80211_wiphy_work+0x225/0x260
[  420.808390][   T33]  ? process_scheduled_works+0x96f/0x15d0
[  420.814124][   T33]  process_scheduled_works+0xa5d/0x15d0
[  420.819708][   T33]  ? assign_work+0x430/0x430
[  420.824320][   T33]  ? assign_work+0x3d0/0x430
[  420.828930][   T33]  worker_thread+0xa55/0xfc0
[  420.833582][   T33]  kthread+0x2fa/0x390
[  420.837661][   T33]  ? pr_cont_work+0x560/0x560
[  420.842351][   T33]  ? kthread_blkcg+0xd0/0xd0
[  420.846952][   T33]  ret_from_fork+0x48/0x80
[  420.851385][   T33]  ? kthread_blkcg+0xd0/0xd0
[  420.855985][   T33]  ret_from_fork_asm+0x11/0x20
[  420.860783][   T33]  </TASK>
[  420.864452][   T33] Kernel Offset: disabled
[  420.868932][   T33] Rebooting in 86400 seconds..